Security

Every download or upload activity is recorded and stored in a log file.  Every line in every document is counted automatically to eliminate any billing errors.  All systems are backed up on a daily basis.  Our servers are fully protected by security certificates and passwords.  We have additional servers for redundancy.  We have built simple and effective tools for electronic signatures, faxing, emailing, real time reporting, uploading of audio dictation and downloading of documents.

Our customers send us thousands of files (audio, patient lists, lists of referring doctors, templates) daily; each file is protected and safely stored in the repository.  Our customers have a choice of file transfers (Secure File Transfer Protocol or secure email, web interfaces or Remote Controller, dial-in or faxing).

Our system is a complex combination of software and hardware.  There is a central web server; it has virtually no limits when it comes to the amount of traffic, space and users it can handle.  We have email, database, FTP and storage servers linked to our web server 24/7; and there are multiple telephony servers for phone-in dictations.  In addition, our database is backed up on a daily basis to two different sites. We will maintain a permanent backup for all your transcription work as long as you are our customer at no charge.

Most of our servers are Linux-based.  In addition to having standard protection features such as firewalls, anti-virus and scheduled system upgrades, we enforce several other security measures.  For example, our Apache and PHP are always running in the safe mode.  In addition to firewalls, our code can also distinguish different types of hacker attacks and defend our systems against them.  Our email servers have the same password rules and regulations as web servers

patrick secuirty flow cahrt

All of our servers are located in nationally recognized data centers that have comprehensive security measures and disaster relief protocol.  Each data center features high-density colocation capabilities, diverse and redundant power, innovative cooling, comprehensive security features such as biometric entry and a three-factor authentication (proximity card, fingerprint and iris scan), and redundant network infrastructures.  Furthermore, when old data is purged out of our systems (after 7 years), it is backed up on external hard drives, and these are then placed in highly secure locations with extremely restricted access.

Only registered users can use our solution.  Every screen which asks a user to enter a user ID or password is secured via a GoDaddy trusted certificate, SHA-2, 256 bit encryption, TLS 1.2, RSA with 2048 bit exchange.

We have password guidelines, which we recommend to our users.  Our system enforces password protection as well; such as making sure that there are no duplications of user IDs and passwords, and making sure that the password does not contain repetitive characters, while limiting the number of characters in length.

Our system does not record passwords into the database.  Instead, it records a hash value of the password.  It means that when you enter a password, our system can verify that the password is correct without knowing the real password.   That is made with the purpose of protecting your password – even our employees with the database access will not be able to obtain your password and falsify your signature.  We encourage all users to do the same – please keep your password protected and never disclose it to anyone.  Change password immediately if you have any suspicions that it might be compromised.

We use logging very extensively.  We track and keep logs of user actions, document downloads, faxing, emailing, electronic signature, etc.  Most of these logs are stored in the main database, while records of the table holding the log cannot be purged out, altered, deleted or archived.

We only use digital faxing and digital dial-in dictations.  In both cases we utilize 800 numbers to keep faxing and dial-in dictations free for our customers.  Here is why we use only digital technology:

  • Secured connection
  • Always on (24/7/365)
  • Instant activation and easy maintenance
  • Any number of simultaneous connections at the same time
  • Unlimited amount of incoming/outgoing traffic
  • Highest possible quality

 

Currently, TDS processes over 5 million lines per month, figures that approximate 200,000 medical documents being processed, delivered and stored during this span.  While in operation, systems and websites are monitored continually for continuous, uninterrupted function.  Any lapses in functionality, even in seconds, are reported to the IT department for escalated intervention.  Any system upgrades are typically done late at night, over the weekend, when lower volume usage typically takes place and even in such cases, backup servers are assigned as primary during this time.   All systems routinely undergo and pass PEN-testing by third party security companies.  Our systems had successfully passed PEN-testing by the US Department of Defense (DOD), in addition to meeting all of their comprehensive security requirements, pre-requisites before undertaking business with the Walter Reed Military Medical Center (WRMMC) based in Bethesda, MD.