Frequently Asked Questions

What is Cloud Computing and Software as a Service (SaaS)?

Cloud computing is the delivery of computing resources as a service rather than a product, whereby shared network, hardware, software, and information are provided to computers and other devices like a utility over the Internet.

Software as a service (SaaS) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. SaaS is accessed from a URL that hosts the software using a standard web browser

Is Cloud Software Secure?

Our Cloud software resides behind an Internet firewall with multi-level authentication for a secure system. The Infrastructure including Physical, Perimeter, Network, Servers and Software are actively managed to offer real-time security for the software. A secure encrypted channel is always established between the user’s browser/desktop and our software servers while using the software

Our Cloud environment is protected against SQL Injection, Session hijacking, Cross Site Scripting, Distributed Denial of Service (DDOS), Zero day web worm, Directory Traversal, Brute force login. Moreover data at rest and during transmission is done using encrypted channels

What are HIPAA, HITECH Act and the Omnibus Rule?

HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. It is a federal law that requires specific security and privacy provisions for Protected Health Information (PHI). More information around HIPAA can be found here:

The Health Information Technology for Economic and Clinical Health (HITECH) Act was enacted into law in 2009, to promote the adoption and meaningful use of health information technology in the U.S.

In 2013, the final HIPAA Omnibus rule set further statutory requirements, which greatly enhanced a patient’s right to privacy and security, and further strengthened HIPAA by subjecting all Business Associates (BA) to the same security and privacy rules as Covered Entities under HIPAA.

How does VitalAxis facilitate HIPAA compliance?

Our software meets the regulations mandated under HIPAA, HITECH, and the final HIPAA Omnibus rule. VitalAxis signs Business Associate Agreement (BAA) addendums with its customers.

Our software, hosting environment and related management processes are HIPAA compliant. Our hosting partners are certified against the Common Security Framework (CSF) from the Health Information Trust Alliance (HITRUST) to address HIPAA compliance requirements. The partner is audited for SOC 1 Type 2, SOC 2 Type 2, SOC 3 and ISAE 3402. Over and above this, the control programs for the environment is certified for ISO/IEC 27001:2005 standard for Information Security Management Systems

How does VitalAxis support HIPAA compliance within its product and platform?

In addition to being able to sign HIPAA Business Associate Agreements (BAAs), VitalAxis software has the following features in its solutions as well as organizational policies:

  • Data encryption in transit and at rest
  • Restricted physical access to production servers
  • Strict logical system access controls
  • Access to software features based on user roles
  • Provide audit trail of activities on both users and content
  • Formally defined and tested breach notification policy
  • Training of employees on security procedures and policies
  • Employee access to customer data files is highly restricted

How robust is VitalAxis' Cloud infrastructure?

Our online services are designed to deliver reliability, availability, and performance with a guaranteed 99.9% uptime. Our products are designed and deployed in a mirrored fashion across multiple locations to minimize impact due to disaster situations

What data standards does VitalAxis use?

Our software supports a wide range of industry standards, including HL7, for interfacing needs with EMRs/PMSs, pathology & radiology labs, medical devices and other systems. We support Continuity of Care Record (CCR), Continuity of Care Document (CCD) and Healthcare Information Technology Standards Panel (HITSP) standards

Got other questions?