ACN Healthcare is committed to protect Confidentiality, Integrity and Availability of assets belonging to company, customers, suppliers and vendors from threats & to comply with legal, regulatory and contractual obligations by following a risk based approach and paramount to protect the integrity of Global operations to achieve customer delight. We ensure adherence of HIPAA, SSAE16 Type II and Red Flag Rule for Revenue Cycle Management.
ACN Healthcare considers information security management as a key business responsibility which is shared by all members of the management team, lead by Chief information officer (CISO), who in turn assisted by Information security manager (ISM) and team of Global information security forum (GISF). ACN has adopted ISO/IEC: 27001 information security management framework and has been certified by authorized external certifying body.
ACN Healthcare adopts internal audits periodically to ensure the requirements are met for all the information assets, Procedure and documents, Information Technology security, employee security, physical & environment security, incident management, Business continuity management, Disaster management and contractual obligations.
ACN Healthcare assures operating effectiveness and controls are adopted and followed. To ensure ACN carry out a regular assessment by an external qualifying professional, to identify the risks associated with the processes and implement necessary controls. Now ACN is complaint to SSAE 16 Type II.
ACN Healthcare has adhered to Administrative simplification process, Data Privacy and Data Security requirements. Towards this ACN has implemented Administrative, Technical and Physical safeguards in the facility.
The compliance team conducts regular HIPAA audits on the floor and also provide necessary awareness training to all its employees and third party vendors.
A Non Disclosure Agreement is signed by all employees at the time of joining the organization and Third party vendors while signing the contracts, non adherence to compliance will lead to disciplinary action.
Administrative controls of ACN Healthcare includes safeguarding information and computing resources from unauthorized access, systems and procedures for physical access control are developed and implemented. This is achieved by deploying security guards, escorting the visitors, implementing various physical security devices such access cards, biometrics, CCTV etc. This would protect physical access to all business data, related application systems, operating systems software and the systems holding these data and software from unauthorized or illegal access. The controls in place are adopted from the ISO 9001 & ISO 27001 standards and the best practices are implemented across the organization which in turn will be assessed by both internal and external auditors (certification body).
ACN Healthcare considers continuity of business in adverse conditions as important. Adverse conditions are usually caused due to disasters, both natural and man-made. In case of disasters, the priority is safety of human life. The next priority is restoration of critical business processes. ACN have identified the vulnerabilities and implemented necessary controls to prevent extended critical service outages.