All Bristol Health Services employees and subcontractors conform to HIPAA regulations by adhering to the following practices:

   All hard-copy documents will be shredded prior to disposal.
  All computer files and directories will prevent unauthorized viewing, deleting, or copying of patient data.
  All computers will be configured to prevent unauthorized use, and security devices will be employed to prevent theft of computers.
  No client-related documents will be sent from a computer without a minimum of 128-bit encryption.
  No patient or client names will be stored by Bristol Health Services in any form of database for use after termination of a client contract, unless requested.

Our interface for uploading or downloading of voice files and transcribed notes is protected by 128-bit encryption through the use of our Secure Socket Layer (SSL) digital certificate. All information and file transfers through our web interface pass through a minimum 128-bit encryption.

Bristol Health Services is committed to implementing the required policies, procedures and systems in response to the requirements of the HIPAA Final Rule of February 20, 2003. These areas include but are not limited to:

• Standards for administrative simplification
• Standards for electronic signatures
• Standards for privacy of individually identifiable health information
 

Bristol Health Services has developed and implemented the necessary Business Associate Agreements, protocols, methods, practices and software necessary to maintain the confidentiality of PHI (Protected Health Information) as well as the security and encryption methods and applications to ensure the security of our systems, products, applications and networks.

Bristol Health Services is prepared to work with its business partners who are HIPAA-covered entities to ensure the timely and effective implementation of our respective compliance plans.