IQMax Platform Enterprise Solutions
All of IQMax’s products are designed to reside and operate inside of the private network of the covered entities using the products. The security and privacy of the data therein is ensured by the overall security the customer facility’s premise network and security policies provides.
IQMax Platform SaaS/Cloud Solutions
IQMax products hosted by IQMax or 3rd party service hosting providers for use in a Software as a Service (SaaS) or Internet Cloud model provide security and privacy tools to the covered entity.
a. Users are individually identified and authenticated using a unique user ID and password.
b. Users are given permissions to restrict their access only to the data deemed necessary by the covered entity.
c. Data is encrypted using SSL and AES encryption.
d. Length of time data is stored on host servers is configured and controlled by the covered entity.
e. Specific data transmitted to host servers is controlled by the covered entity.
f. Database changes are audited via log files.
g. User access is audited via log files.
h. User inactivity timeouts are configured and controlled by the covered entity.
IQMax Connected Care Suite
IQMax Connected Care applications extend data contained either in the Enterprise solution or the SaaS/Cloud solution to the end user’s mobile device or computer workstation. These products render only the data presented to them by the host solution and no data is stored on or retained by the IQMax product on the end user device or workstation.
Privacy and Security
IQMax requires all customers and partners to execute a Business Associate Agreement. In certain instances it may be necessary for IQMax employees to view sensitive information from the covered entity’s system in order to provide proper technical support for our products. IQMax employees are trained that all patient and provider sensitive information viewed as a result of normal support procedures is treated as confidential and private. This data is viewed on secure computer workstations and servers requiring unique usernames and passwords to access such data.
Uniform Coding and Transmission of Data
IQMax uses the covered entity’s HIPAA compliant formats to retransmit data to the entity or other 3rd parties as part of the delivery of services. All data transmitted and received by IQMax products outside of the covered entity’s private network is encrypted and secured by SSL and AES.
Based on the information contained in this statement, it is IQMax’s view that any covered entity using IQMax products is capable of HIPAA compliance as defined by the federally mandated HIPAA Act of 1996.