Is Ademero HIPAA Compliant?
Content Central by Ademero is HIPAA compliant and organizations in the healthcare sector can use the cloud-based document management system to streamline document-intensive processes and workflows when documents contain Protected Health Information (PHI). Ademero has told us the company is willing to enter into a Business Associate Agreement with HIPAA covered entities and business associates as necessary.
What is Content Central?
Content Central is an enterprise document management system that works by capturing documents and files from scanners, network folders, and email accounts, and converting them into searchable PDF files. The PDF files can be grouped together according to administrator-defined values and are stored in a secure cloud server for remote retrieval by authorized users. The process can significantly accelerate workflows by eliminating delays attributable to searching for and retrieving documents.
Once retrieved, documents can be shared with or among other authorized users via the Content Central platform without using external solutions. Alternatively, Content Central can be integrated with collaboration and productivity suites such as Microsoft Office 365 and Google Workspace – subject to the integrations being configured to support HIPAA compliance and a Business Associate Agreement being signed with the third party service provider.
Is Content Central by Ademero HIPAA Compliant?
Ademero Software has developed Content Central with HIPAA compliance at top of mind. The system includes unique user identification controls, automatic logoff, and emergency administrator access to comply with §164.312 of the Technical Safeguards. All documents are encrypted in transit and at rest, and the system’s audit controls allow administrators to track logon and logoff activity, file access, and document histories (i.e., edits, copies, and downloads).
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Other than assigning user IDs (or integrating Content Central with an existing SSO solution), applying user permissions, and enabling or disabling “system fields”, there is little administrators have to do to make Content Central by Ademero HIPAA compliant. The company is flexible about the content of optional clauses in customers’ Business Associate Agreements and are happy to speak with compliance officers or system administrators who may have operational concerns.
Considerations before Adopting a Document Management System
There are two considerations to take into account before adopting a document management system – the first being that, when paper documents are converted into digital documents, members of the workforce may initially find PHI harder to access and tempted to take compliance shortcuts “to get the job done”. This risk of non-compliance can be overcome by tailoring HIPAA training to explain the purpose of the additional security measures and why they should not be circumnavigated.
The second consideration is the compliant disposal of PHI maintained on paper once it has been scanned and converted into a digital document. HHS’ Office for Civil Rights has published a fact sheet about the compliant disposal of PHI and has fined companies who do not comply with the HIPAA disposal requirements. If your organization is unsure about how best to dispose of PHI in compliance with HIPAA, it is recommended you seek professional compliance advice.
