HIPAA Compliance

Xrayexpress is fully compliant with HIPAA requirements and standards and has met these requirements for many years prior to the federal regulations.

Security is always a high priority, not only to protect data or hardware loss, but also to ensure patient/client confidentiality. Physical security is maintained by an electronic alarm system with window and door contacts, motion/sound detectors, and keypad entry to the building. The system is monitored around the clock. Our servers use power on password, as well as user level passwords that limits data access to authorized users. All systems are protected by virus protection that is updated daily. Battery backup is used on all systems to ensure maximum up time. All operating systems have the latest updates and security patches available. Servers and workstations are monitored for break-in attempts or other illegal activity. Database servers are not directly accessible from the Internet, this ensures that in the unlikely event of a security breach, no personal data can be accessed or recognized.

The Xrayexpress web server is secured with intrusion detection software and the virus/malware programs used are the most pro-active in the industry. Xrayexpress uses SSL encryption on all sensitive client/patient information sent to, and from, our facility.

We believe that these measures meet and exceed Federal requirements and we continue to upgrade our security safeguards to ensure secure data exchange and physical security.