HIPAA

RadPhysics software products and services meet or exceed industry standards with respect to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Our software is designed to assist our customers in meeting HIPAA compliance standards.

COMMITMENT

RadPhysics is committed to maintaining a secure computing environment for its customers. RadPhysics will follow all pertinent federal regulations related to information confidentiality. We have measures currently in place to safeguard customer data. These measures support our clients’ compliance with HIPAA. RadPhysics provides tools in the software products to support our customer’s HIPAA compliance.

SOFTWARE SECURITY FEATURES

RadPhysics software systems reside on the customer’s server and are safeguarded by medical facility policies and procedures. MERP uses a relational database that employs a secure login process requiring a user name and password.  The client is responsible for safeguarding all user passwords and changing them as needed. Users are assigned to roles, each with certain access rights, which may include the ability to edit and add data or may limit access to data. When a user adds or modifies data within the database, a record is made that includes which data were changed, the user ID, and the date and time the changes were made.  This establishes an audit trail and a retrospective analysis of any change to the database that can be examined by authorized system administrators.

REMOTE TECHNOLOGY

RadPhysics remote access to customer computer networks uses a fully encrypted protocol or other methods as mutually agreed upon with the customer. Provisions for remote access to customer patient information are performed in a secure manner and in compliance with the Business Associate Agreement.

RADPHYSICS FACILITY SECURITY

RadPhysics headquarters is located in Albuquerque, NM (USA). Access to our facility is limited to employees and occasional guests. Our facility is  locked except during business hours. Only RadPhysics employees have access to the premises. Employees have dedicated, password protected computers.

REGULATORY OVERSIGHT

A RadPhysics manager oversees healthcare regulatory affairs including HIPAA regulations. This individual reviews the pertinent regulations, conducts RadPhysics employee training and maintains the RadPhysics HIPAA documentation. RadPhysics has policies that govern all data security matters within RadPhysics and with our customers. RadPhysics employees receive training regarding their responsibility for patient privacy under the HIPAA regulations. Our employees, consultants and advisors are all under a written confidentiality and non-disclosure agreements, the provisions of which are strictly enforced.

BUSINESS ASSOCIATE AGREEMENT

HIPAA requires health care providers to enter into “business associate” contracts with certain businesses to which they disclose patient health information. RadPhysics is prepared to comply with all provisions of the Business Associate contract as provided for in the HIPAA privacy and security rules.

EXPLORE MORE

MERPtm

COMPARE & VALIDATE EXPECTATIONS

MERP helps facilitate a safety culture where greater attention is directed at confirming that detailed processes are performed correctly by referencing various standards, recommendations, and regulations.

MERP provides a methodology to measure performance against benchmark standards of practice.

DECREASE COSTS & INEFFICIENCIES

Radiation oncology is an exceedingly complicated system where accidents happen. Any single error, combination, and propagation of errors in radiation oncology can negatively impact patient outcomes.  An error reduction program helps institutions minimize risk to patients and health care workers.

MERP is a medical error reduction software program specifically designed to help minimize errors, improve performance, reduce cost, lessen liability, decrease regulatory infractions, and positively contribute to patient outcomes in the radiation oncology treatment delivery process. 

TRANSFORM  YOUR PATIENT SAFETY 

Ineffective error management can lead to reduced quality, increased inefficiency, and increased legal and/or regulatory liabilities.

MERP is a powerful tool for implementing proactive risk reduction through error analysis and action plans. MERP facilitates a comprehensive approach to improving patient safety through the reduction of preventable systems-related errors.