Our quality is what binds us to our customers and it is our constant endeavor to offer consistent quality service of the highest order which will boost your company’s output and status in the market as the leader.
Infrastructure is the skeletal framework around which the functional component of REQS is efficiently developed and is responsible for the output of the quality product which singles out us out from others.
Quality Driven Team:
Quality implementation saves management cost, improves profitability and competitive ability.
Ensuring quality involves monitoring key process parameters of each client process, conducting audit prior to service delivery where required and detected defects are scrutinized and rectified. Where ever applicable contingent process stability and capacity and root cause analysis are carried out followed by corrective and also preventive actions where ever required.
All process performance measures are captured in dashboards available to our clients that help summarize the stability and capability of the process at any given point in time.
Statistical & Process stabilitycapability
- Collect and analyze process output data for Process improvement plans.
- Reducing variability is our key in improving quality and profit, statistics is our power tool.
- Our statistical technique includes measure,analyze, improve and sustain business process improvements.
- Regular forecasting of business for improved and enhanced operation plans.
As our focus and our client base have been the U.S Healthcare industry, we fully understand the value and importance of PHI(Protected Health Information). Hence we align quality policies with our customers outsourcing objectives, to ensure compliance and integrity. As a result, we have in place sequential steps aimed at ensuring that PHI entrusted to us is fully protected.
REQS Security & Best Practices
Adoption of 100% security measures at each step ensures total protection of client’s health information data.
- Access control – Unique user Identification,Emergency access procedure, Automatic logoff, Encryption and Decryption.
- Audit Controls – Hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.
- Integrity – Mechanisms to corroborate that ePHI has not been altered or destroyed in an unauthorized manner.
- Authentication:- Procedures to verify that a person or entity seeking access to ePHI is the one claimed.
- Transmission Security:- Integrity Control.
- Facility Access controls – Contingency Operations (disaster recovery plan), unauthorized physical access, tampering, and theft, validate a person’s access to facilities based on their role or function, including visitor control, and control of access to software programs for testing and revision, Records Maintenance.
- Workstation Use:- Clear desk policy.
- Workstation Security:- Workstations that access ePHI got restrict access to authorized users.
- Device and Media Controls – Disposal, Media Re-Use, Accountability, Data Backup and Storage
- Security Management Process – Risk Analysis( PHI is being used and stored), Risk Management, Sanction Policy, Information Systems Activity Reviews.
- Workforce Security – Employee Oversight.
- Information Access Management – Multiple Organizations(Ensure that PHI is not accessed by parent or partner organizations), ePHI Access.
- Security Awareness and Training – Security Reminders, Protection Against Malware, Login Monitoring, Password management, Response and Reporting
- Evaluations – Periodic evaluations to see if any changesin the business or the law require changes to your HIPAA compliance procedures.
- Business Associate Agreements:- An NDA with business partners who will have access to your PHI in order to ensure that they will be compliant.
Monitoring is the key to efficiency
Periodic monitoring of identification of short comings and timely efficient corrective measures being instituted. Provision for client audit teams to partake in the security audits on the dedicated network provided for their services.
- We consistently monitor and regularly review the firewall logs.
- Our audits ranges across periodic network and host vulnerability audits, systematic Information security management and control audits.
- We believe in transparency with our clients and hence we encourage them to conduct security audits on the dedicated network provided for their services
The world-class IT infrastructure coupled with continuous research and the leading edge technologies are the strong point of REQS assuring total client satisfaction.
Our security policy which is endorsed by external security consultants is fundamental to our overall world-class assurance of safety of all patient related data. Our center boasts of an advanced IT structure to suit our client needs and at the same time, it is adaptable and flexible accommodating a variety of support solutions.
It is the application of continuous research and test methodology with leading edge technologies and incorporation of appropriate tool set which is responsible for ensuring the highest value to our customers meeting their expectations.
- Internet leased lines
- Internet bandwidth is from three different service providers for redundancy
- Bandwidth monitoring using MRTG graphs
- TCP/IP based local area network with 100/1000 MBPS speed
- D-Link and Link sys switches are used for physical connection
- Monitoring network performance using managable switches.
- Capability of capturing data from multiple sources
- E-Fax, e-mail, FTP Server and VPN to capture data
- Backup policies are defined as per the process requirements
- Restricted access to internet and e-mails
- Controlled access to the network printers
- Secure and dedicated infrastructure
- 24/7 on-campus security staff
- Bio-Metric access controller to enter into the office
- Point-to-Point network connectivity using routers that are configured with DES
- Encryption at both ends
- Anti-virus software
- User-Ids and passwords to log into the systems
- Security policies are defined(desktop,password, e-mail, and domain)
- 24/7 IT Staff availability
- Certified IT team members in various technologies
- In-house IT development team to design and develop the applications based on the client’s requirements.
- Regular reviews of firewall logs
- Periodic network and host vulnerability tests
- Regular internal audits