Security is critical for systems that store and retrieve patient information.
We are dedicated to a fully secure and HIPAA-compliant system.

eDocList products are HIPAA compliant and meet or exceed HIPAA's Privacy and Security Rule requirements. All transmissions of data (including wireless transmissions) are encrypted using industry-standard 128-bit SSL encryption.

The Health Information Technology for Economic and Clinical Health (HITECH) Act is a federal law that sets standards for the use and handling of electronic health information. As a web-based sign-out list provider, it is important for us to ensure that our services are compliant with the HITECH Act in order to protect the privacy and security of patient information.
To meet these standards, we have implemented a number of measures to ensure compliance with the HITECH Act, including:

  • Encrypting all data in transit and at rest to protect it from unauthorized access
  • Implementing strict access controls to ensure that only authorized individuals can access patient information
  • Providing ongoing training and support to help our customers understand and comply with the regulations
  • Regularly undergoing third-party audits to verify our compliance with HITECH and other relevant regulations
  • Compiance with disaster-recovery procedures and offsite backup.

Front end software security

  1. Username and password-protected - By default password length/strength and username length requirements are in place, but can be further customized depending on your specific institutional requirements.
  2. Administrators (in group accounts) have complete control over their users - add, edit or delete users - including auto-deletion after a set time (i.e. end of residency). Administrators are warned when a user's account is about to expire so they can be removed (i.e. when a resident graduates or otherwise leaves the institution). Control whether users can transfer patients to each other. Audit activity of all users; viewing and editing of patient information is time stamped. You have complete log files to audit all aspects of activity by user.
  3. Automatic logoff after a set time if the computer is left unattended.
  4. All patients lists are backed up for redundancy. Administrators control when patient information is permanently deleted.

Network/Physical Security is housed in a state of the art facility with intrusion detection and automatic firewall management. The system is monitored and maintained 24/7 by dedicated highly trained technicians. To ensure uninterrupted availability of protected health information, our fully redundant networks and power are built for automatic failover, guaranteeing your critical data and applications are always accessible.

Multiple Tier 1 Internet Providers * SAS 70 Type II Certification * Network Monitoring Around the Clock * Parallel, Redundant, Multi-Tiered Network Architecture.

Have your IT department contact us if more information is required.

Our SSL certificates support both industry-standard 128-bit (the same system used by all banking infrastructures) and high-grade 256-bit SSL encryption to secure all of your on-line interactions with eDocList. The bottom line … your sensitive data is secure.