Your client data is safe with RRS.
We are HIPAA Secure Now certified.
We have a deep appreciation for the fact that you are bound ethically and professionally to protect your clients’ private health data. We have an equal obligation to meet the same standards.
Without your trust, we won’t exist. That’s why we’ve implemented multiple security layers to protect your client data, including:
- Using only US-based servers
- 128-bit SSL site encryption
- 256-bit AES data encryption
- User logins and passwords with 2FA
- Java-based technology to block phishing
Your security is our priority.
Our promises to you:
Your clients’ personal information will remain private and their records secure.
Every action taken on your behalf complies with all laws and regulations.
Only US-based servers host your data.
Internal RRS privileged access policies ensure only authorized employees access your data.
RRS is certified by HIPAA Secure Now.
RRS is HIPAA-compliant. What does that mean for you?
HIPAA is a bible at RRS and it helped form the basis for our business model. Because RRS is an innovator in medical record management, we consult HIPAA for guidance before developing any new retrieval process or tool.
Compliance with HIPAA Privacy & Security Rules means we take vigilant measures to:
- Ensure the confidentiality, integrity, and availability of all personal health information and records we create, receive, maintain or transmit
- Identify and protect against reasonably anticipated threats to the security or integrity of the information
- Protect against reasonably anticipated, impermissible uses or disclosures
- Ensure compliance from our workforce by providing HIPAA training
What’s the benefit of using only US-based servers?
Other record retrieval providers store data on servers located outside the United States because it’s cheaper. This is a potentially grave mistake.
Offshore data centers are often not held to the same security standards as those in the US. This means being forced to take them at their word that they comply with HIPAA and US privacy laws. You simply have to cross your fingers and hope they properly backup your data, protect your records, and respond to your record provider’s requests.
If they don’t, there is no reasonable recourse.
At RRS, we know that saving a few pennies is not worth putting our clients at risk. Your data is kept safe and secure on US-based servers that are audited and certified to maintain the highest levels of security. Additionally, your data is backed up three times a day to a remote server. No crossing of fingers required.
Your data is protected by military-grade data encryption.
128-bit SSL site encryption
RRS’s site is SSL-certified using 128-bit encryption. SSL (Secure Sockets Layer) establishes an encrypted link between a server and a web browser for impenetrable security. This industry-standard certification ensures that the information accessed from and provided to our site is transmitted through a secure connection.
256-bit AES data encryption
Medical records and protected health information require advanced data encryption measures, particularly when accessed using mobile devices over open or unencrypted Wi-Fi hotspots. Failing to provide security on this level poses risks and potential liabilities for firms accessing medical records remotely.
Our security meets or exceeds all government standards for data transmission. Records requested from RRS’s website are accessed by 256-bit encrypted code, ensuring that they can be retrieved only by authorized request.
We add the following best practices, because you can never have too much security for health data.
User login and password locking
HIPAA-standard usernames and passwords are required for accessing data, and denial of access is triggered after multiple incorrect login attempts.
2FA (Two-factor authentication)
Exceeding HIPAA standards, this optional service confirms a user’s identity by requiring they enter a one-time code in addition to their password. Codes are sent instantly to the user during login via email or SMS and expire within a few minutes. 2FA adds a nearly impenetrable barrier to false logins and data theft.
Java-based technology and a single URL to prevent phishing
Documents stored on RRS servers are inaccessible via URL or other phishing methods.
Phishing is a fraudulent attempt, usually made through email, to steal personal or client information. Using multiple URLs exposes personal health information to theft. Hackers are given an opportunity to steal data that remains static after an online session is over.
The RRS website uses a single URL and runs exhaustively on Java technology. Using Java-based technology provides dynamic rendering of data without the ability to track data through URLs. As records are uploaded to RRS’s site, they are stored securely outside web folders and can be retrieved only by our secure internal application.
Simple medical record retrieval with RRS
Our process is as easy as 1-2 !
- Average delivery time is 16 days.
- If allowed, our licensed agents will pick up, copy, and digitize paper records (California only).
- “No Records Found” certificates are issued automatically.
Submit your medical record request through our online portal, then go on to more important work.
Your records will be available for download through our secure, encrypted online portal.
- Average delivery time is 16 days.
- If allowed, our licensed agents will pick up, copy, and digitize paper records (California only).
- “No Records Found” certificates are issued automatically.