Software Overview | HIPAA Compliance | Technical Requirements | System Integration | Testimonials
Order the Web-based software today!
HIPAA Requirements
The FAS assessment application is designed to meet HIPAA requirements. The security features of the FAS system include, but are not limited to, the following:
System Protections
- All data transmission uses 256-bit SSL encryption.
- Includes a time out feature that logs out users automatically after a defined period of inactivity.
- An audit table is maintained in the database to track access, modification and creation of personal, identifiable health information. The audit table captures the user ID of the patient whose data was accessed/modified/created, as well as the date, time, and IP address from where the user logged in.
- Additionally, every record that is written to the database has a date/time stamp as well as the user who added/updated, which is shown on screen for easy reference.
- Personal, identifiable health information is not saved on the user's local desktop by the system.
User ID's and Password Protections
- All users have a unique user ID and require a valid user ID and password to log in to the application.
- Passwords are stored encrypted in the database and are not displayed anywhere in the system.
- Password security rules enforce guidelines for strong passwords
- Exceeding the maximum number of failed login attempts will lock the user account until the agency's IT administrator unlocks it.
Access Protections
- The site-designated administrator grants access privileges to a user based on the roles assigned to the user.
- All login attempts – both successful and failed – are saved in the database with the user ID, IP address, date/time of attempt and outcome (successful or failed).
- An audit table is maintained in the database to track creation of the users and the modification of roles linked to users in the system.