February 14, 2018
Ademero is a document management software (DMS) supplier whose platform assists companies to keep trail of big numbers of documents and change to a paperless setting, but is Ademero HIPAA conforming? Can its DMS be used by healthcare companies without breaching HIPAA Laws?
Ademero and HIPAA
The HIPAA Safety Law contains needed and addressable application descriptions. Any application description that is needed should be applied to abide by HIPAA Laws. Strictly speaking, addressable application requirements are not needed. Those application requirements include some flexibility. For example, data encryption isn’t a needed element, however, that doesn’t mean it can be ignored. If the decision is taken not to encode data that is acceptable provided that the decision was based on a danger analysis and the decision not to use encryption is documented. Substitute controls should also be put in place that provide an equivalent level of safety.
Software solutions that support HIPAA conformity will have suitable controls in place to satisfy the essential elements of HIPAA and will meet or be compatible with the addressable elements of HIPAA. (See HIPAA conformity for SaaS)
Ademero has described on its website (and in a white paper) the conditions of HIPAA and how they apply to software. The firm explains in detail how its software includes all of the needed elements, and how healthcare companies should make sure all addressable application specifications are fulfilled.
Ademero contains access and audit controls, letting managers to cautiously control who has access to the software and the records uploaded to the DMS. Administrators have visibility into the ePHI uploaded to user accounts, and audit controls make sure that login and logoff activity, edits, updates, file access, copies of documents and downloads are traced. All files uploaded to the platform and stowed in the DMS is encrypted. Ademero also works closely with HIPAA conforming cloud Google Cloud Platform.
Based on the controls in place, Ademero is definitely safe and is undoubtedly a high-class document management software solution, however, is Ademero HIPAA conforming and appropriate for use by healthcare companies?
Is Ademero HIPAA Conforming?
Ademero has gone to great lengths to make it clear that its facility has all of the required security controls in place to make certain users of the document management system can evade breaches of HIPAA Laws. Ademero has also verified that the firm is willing to sign a business associate agreement with HIPAA protected units who desire to use its facility.
Therefore, is Ademero HIPAA conforming and can its service be used in connection with PHI? Provided HIPAA protected units or their business associates enter into a business associate contract with Ademero, it can be believed a HIPAA conforming document management system.