We've got you covered

Data Security & Regulatory Compliance

 

C-SATS' secure environment complies with the applicable standards, implementation, specifications and requirements of HIPAA and HITECH. C-SATS stores all media and data in Amazon Web Services, a provider that complies with ISO 27001 global security standard, publishes SOC reports, and is a member of the Cloud Security Alliance. 


Personally identifiable information

 

When a reviewer sees your C-SATS video, no identifiable information about either patients or providers is shared. C-SATS’ HIPAA secure service ensures removal of all such information before your video is posted for review.


Discoverability

 

C-SATS recommends the information generated from the system be used for quality improvement purposes, and C-SATS can comply with your institution's Patient Safety Organization (PSO) guidelines. Our team has created a virtual environment that allows us to store Patient Safety Work Product (PSWP) within the Patient Safety Evaluation System (PSES) as defined by PSO. By making C-SATS a part of your institution’s quality improvement and patient safety program, the information may be afforded peer review protection in a court of law.


Security Standards

 
hipaa.png
 

C-SATS complies with applicable standards, implementation specifications, and requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). C-SATS is also fully prepared to work directly with Patient Safety Organizations, as defined by the Patient Safety and Quality Improvement Act of 2005 .

 
 

All server traffic is encrypted in transit using only the strongest protocols and ciphers as recommended by Qualys SSL Labs. Our webservers support Forward Secrecy and HTTP Strict Transport Security.

 
 

All data is encrypted at rest using 256-bit AES encryption.


 

We demand the highest security and compliance from our vendors.

 
 
isoLogo

C-SATS uses Amazon Web Services (AWS) and Box.com, both of which are certified compliant with the ISO 27001 global security standard. 

aicpasocLogo

AWS and Box.com publish a full set of compliance reports including SOC 1 (SSAE16) Type II, Soc 2 Type II, and SOC 3.

csaLogo

AWS and Box.com are both members of the Cloud Security Alliance's Security, Trust and Assurance Registry.

 

questions?

 Contact our security team for more information