HIPAA Compliance Statement
Xray Express is fully compliant with US Federal HIPAA Compliant X-Ray requirements and standards and has met these requirements for many years prior to the Federal regulations. All orders are handled in HIPAA compliant manors to maintain PHI confidentiality. Shipping from our facility is done through secure carriers with tracking to maintain the chain of custody and security of all materials.
Security is always a high priority, not only to protect data or material loss, but also to ensure patient/client confidentiality. Physical security is maintained by an electronic alarm system with window and door contacts along with motion sensor detectors. The system is monitored around the clock. Our servers and workstation computers use power on password, as well as user level passwords that limits data access to authorized users.
All systems are protected by antivirus/malware protection that is updated daily and are the most proactive in the industry. Battery backup is used on all systems to ensure maximum up time. All operating systems have the latest updates and security patches available. Servers and workstations are monitored for break-in attempts or other illegal activity. Database servers and workstations are not directly accessible from the Internet, this ensures that in the unlikely event of a security breach, no HIPAA protected PHI can be accessed or recognized.
Additionally, Xray Express uses encryption on all sensitive client/patient databases to insure maximum PHI protection. We believe that these measures meet and exceed Federal requirements and we continue to upgrade and review our security safeguards to ensure secure data exchange and physical security.