ShieldQ patient confidentiality and security measures

ShieldQ recognizes that securing personal medical record information is of great concern to both patients and providers in the healthcare industry.

ShieldQ also recognizes that as a matter of compliance, any service provider working with healthcare providers must be HIPAA compliant. To address these concerns, ShieldQ implements three levels of security to documents: technical, physical and procedural.

Technical

  • ShieldQ uses security methods to determine the identity of its users and operators, so that appropriate rights and restrictions can be enforced for that user.

  • ShieldQ uses both password protection and usernames in its authentication process.

  • ShieldQ provides full access control to documents received:

    • Customers can control which account users can view or edit the document(s).

  • ShieldQ customer service staff cannot view customer’s document content.

Physical

  • All ShieldQ servers are housed in secure environments, which can be accessed by approved personnel only.

  • All documents are stored in a HIPAA-compliant cloud service within the US.

Procedural

ShieldQ recommends clients who are covered entities to apply the following measures as prerequisites before processing documents in the ShieldQ system:

  • Sign a Business Associate Agreement (BAA) with ShieldQ. ShieldQ, as a HIPAA-compliant service provider, will sign a BAA agreement with any client who is a covered entity. Please contact us to request our standard BAA.

  • Avoid placing patient-identifying information into any data fields. All document metadata is retained indefinitely for billing and archiving. Since ShieldQ does not address HIPAA requirements for archive handling, patient-identifying information must not reside anywhere, except in the document itself.

  • Establish procedures for document management. Establish procedures and train staff on proper document use within ShieldQ (for example, when documents may be downloaded to local machines, where should documents be stored, etc)

If you'd like more information or clarification on any HIPAA-related issues that involve ShieldQ, please do not hesitate to contact Mr. Ernest Palla, Managing Director of InterFAX US Inc.