Myriad and its technology partners take painstaking measures to protect all patient information. The Myriad internal procedures and the procedures of our technology partners for privacy and security meet and exceed all HIPAA regulations related to Electronic Transmission of Patient Information.

Physical Security

  • Physical access to our networking facility is limited to authorized personnel only. Authorized access is controlled by multiple layers of security, including badges, 24 / 7 security guards, and biometric access control mechanisms, plus access keys and monitored internally and externally with video recording equipment. Only authorized staff members that are fully aware and trained in the HIPAA Privacy requirements are issued access.

Information Security

  • We use an ICSA certified firewall and filter on incoming ports allowing only FTP and management ports for administrative access into our system.
  • Our network performs Network Address Translation (NAT) and addresses cannot be routed without traversing the firewall.
  • When our FTP Server is accessed with any FTP Client that also supports SSL all files are encrypted while being sent across the internet. This means, anyone intercepting any data while it is being transferred from our server to your computer could not interpret or decode this data.
  • To access any data from our FTP Server, a valid username and password is required. We are not responsible for the security of files that are transferred out of our control from our server.
  • Customers have the option of encrypting the data in-place on our remote system, using GPG, PGP, Trucrypt, or an alternative encryption tool of their choice, using a level of encryption of their choice. Customers are encouraged by Myriad to encrypt their data in such a fashion, and support documents as well as personal technical support is provided, free of charge, to aid in their integration of such encryption.

Storage Encryption:

  • Users have a number of choices in the transmission and storage encryption algorithms they may use, and may use encryption keys provided by Myriad or implement their own keys.

 

Desktop Access:

  • Access to our network is limited by auto-logoff, ID/password protection, password protected screensavers, and a security-enabled OS
  • Only fully trained staff have access to the server and dictation files for support and maintenance.

Continuity:

  • Our data storage consists of multiple monitored and mirrored EqualLogic Raid Systems which are backed up via snapshots.

 

Privacy:

  • We are not responsible for nor will we provide access to any files on our system to any other person other than those authorized by the originator.
  • We will not release any files directly to a patient.
  • The responsibility for enabling the patients to control their health records including access, disclosures, �minimum necessary' standard, consent and authorization, etc. resides with the medical professional who initiated that document.

Appendix A

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was a result of congressional healthcare reform proponents to reform healthcare. The HIPAA legislation has four primary objectives.

  • Assure health insurance portability by eliminating job-lock due to pre-existing medical conditions
  • Reduce healthcare fraud and abuse
  • Enforce standards for health information
  • Guarantee security and privacy of health information

Can the Internet be used for and still meet HIPAA requirements?

Yes, as long as the use of encryption and password protection to prevent unauthorized access to the PHI. Dictations done on a telephone does not need to be encrypted. However, voice files transmitted by portable recorders should be encrypted prior to transmission over the Internet

Transcribed documents must be sent back to the healthcare provider in a secure manner using encrypted email or a secure FTP site or may be faxed with a disclaimer statement explaining the confidential nature of the document.

Who and what are a Covered Entity and a Business Associate?

HIPAA defines a Covered Entity (CE) as a health plan, a healthcare clearinghouse, or a healthcare provider who transmits any health information in electronic form in connection with a HIPAA transaction. A physician's office or medical clinic would fall under the category of a Covered Entity.

A Business Associate (BA) is a person or organization that performs a function or activity on behalf of the Covered Entity (CE), but is not a part of the covered entity's work force.

What rights does the patient have under HIPAA?

HIPAA provides the patient with many new rights in relation to their healthcare documentation. Some of them are:

  • Review his/her entire medical record
  • Request changes within documentation, which can be denied by physician for specific reasons
  • Request documentation of every time his or her PHI was accessed, along with identity of the individual accessing the document with specific reason for doing so
  • To know how much of the PHI information was shared
  • What the facility (Covered Entity's) policies and procedures are for security and privacy

 

Who Should I Contact for More Information?
If you have any questions about this privacy statement, the practices of this site, or your interactions with this site, please feel free to contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it. , or call us at (213) 623-1500. You may also contact us to check the accuracy of any personally identifiable information, or request that such information be updated. Contact us at the following address:

 

Corporate Headquarters
Myriad Technologies, LLC
700 Wilshire Boulevard; Suite 510 
Los Angeles, California 90017

Phone: 213-623-1500

Project Management

Easy to start

Myriad's project management team brings extensive expertise in guiding clients through the minefield of managing eDiscovery and generating productions.
Read More...

Comprehensive Reporting

Modern Design

Comprehensive reporting to assist you with understanding document populations, review and production processes. If you can think it, we can create it with customizable reporting..
Read More...

Streamlined Process

Modern Design

Myriad's all-in-one streamlined approach to eDiscovery is a powerful and efficient method to organize the puzzle pieces, so you can understand the big picture.
Read More...

Go to Top