HIPAA Compliance and Security
Protecting PHI in the Digital Workplace
WebChartMD attaches two different audit trails to every document:
Document History Audit Trail
WebChartMD captures and stores all versions of documents edited via the WebChartMD portal in a Document History audit
trail. This ensures a complete and transparent record of any edits made to patient records, including the time and date of each edit
and the author of the edits.
Comprehensive Audit Trail
All document and dictation access is captured in a comprehensive audit trail, with every action taken against the document or
dictation being made available to view via the web portal. Each action is also marked with a date/time stamp, the type of
action, and the username of the person who performed the action (see the screen image below).
· All Web traffic is sent over a 128-bit encrypted SSL channel.
· All dictations and documents are stored in an encrypted form in the database. A 256-bit AES (Rijndael) encryption scheme
is used to accomplish this. The same scheme is also approved for securing TOP SECRET US Government data by the NSA
(PDF) <http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf>.
· All passwords are stored using a one-way hash and a random salt value. When users authenticate themselves on the web
portal, the passwords entered are hashed as well and only hashes are compared, thus increasing user password security.
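
The salted-hash storage and hash-only comparison described in the last item, as an added example that is not WebChartMD's code. The page does not name the hash function, so PBKDF2-HMAC-SHA256, the iteration count, the salt length and the record layout used here are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumptions (not from the page): PBKDF2-HMAC-SHA256, a 16-byte salt and the
# "algorithm$iterations$salt$hash" record layout. The page states only that a
# one-way hash and a random salt value are used.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    """Slow one-way derivation; the plaintext password is never stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def hash_password(password: str) -> str:
    """Return the record to store: algorithm$iterations$salt_hex$hash_hex."""
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt for every password
    digest = _derive(password, salt, ITERATIONS)
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Hash the submitted password with the stored salt and compare hashes only."""
    try:
        algorithm, iterations, salt_hex, hash_hex = record.split("$")
        if algorithm != ALGORITHM:
            return False
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
        candidate = _derive(password, salt, int(iterations))
    except ValueError:
        return False  # malformed or truncated record: fail closed
    # Constant-time comparison does not reveal how many leading bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    first = hash_password("constructed-sample-passphrase")
    second = hash_password("constructed-sample-passphrase")
    print("records differ for the same password:", first != second)
    print("correct password verifies:", verify_password("constructed-sample-passphrase", first))
    print("wrong password verifies:", verify_password("another-sample", first))
```

Because each record carries its own salt, two users with the same password get different stored values, so one precomputed table cannot be reused across accounts.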
WebChartMD takes the following steps to protect PHI from being stored on the computers of employees involved in the
production and management of patient healthcare information:
· Many web-based systems inadvertently store files accessed from a web-based application in a Temp or temporary
internet folder. WebChartMD’s system sweeps the user’s Temp directory and automatically purges all PHI that was opened by
the user after each access to their online account.
· After transcribing and uploading a completed document, WebChartMD immediately purges the audio file from the
transcriptionist’s computer. A copy of the completed transcription is stored for five days on the transcriptionist’s computer in a
hidden folder (ShadowCopy) for disaster recovery purposes and then is completely purged.
