Compliance

 Millennium Records Management - Compliance

Millennium Records Management conforms to all current statutes regarding the safeguarding of records containing personal data. With policies and procedures in place to constantly stay current with the latest laws and statutes, Millennium meets or exceeds all the current standards in the following areas:

HIPAA Compliance

At Millennium our medical records program is anchored in confidentiality, timely service and value added pricing. Our storage areas meet or exceed all of the privacy requirements of a “Business Associate” as set forth in the HIPAA Act of 1996. In addition, our security standards are rigidly set and enforced and will be readily adaptable to any future security requirements HIPAA may enact.

PCI Compliance

PCI DSS stands for Payment Card Industry Data Security Standard, and is a worldwide security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC). The PCI security standards are technical and operational requirements that were created to help organizations that process card payments prevent credit card fraud, hacking and various other security vulnerabilities and threats. The standards apply to all organizations that store, process or transmit cardholder data – with guidance for software developers and manufacturers of applications and devices used in those transactions. A company processing, storing, or transmitting cardholder data must be PCI DSS compliant. At Millennium Records Management the following safeguards are in place to ensure the proper protection of this data under all existing State Statutes:

  • Maintaining monitoring and testing to ensure a safe and secure network
  • Ensuring internal security processes are in place and constantly reviewed to protect any cardholder data stored at Millennium Records Management
  • Restricting access and control to these records via stringent internal security processes
  • Maintaining and constantly reviewing a thorough information and security policy

Data Privacy Law Compliance

Certain states now require a long list of security practices from companies that come in contact with and store the personal data of customers.

The law covers both business practices and technical issues, including:

  • establishing risk management practices
  • establishing employee training
  • creating policies governing handling of personal data
  • verifying third party providers can protect personal data
  • documenting data breaches and changes in business practices
  • encrypting personal data on laptops and mobile devices

Millennium Records Management has reviewed this new law and has enacted policies and procedures to be in compliance with both existing State Statutes and those scheduled to take effect.

Millennium Records Management Security Procedures

  • Driving records, credit checks and criminal background checks are conducted and reviewed by management before a candidate is considered for employment
  • All MRM employees are drug tested at the time of hire. All MRM employees are also given random tests throughout their employment
  • All MRM employees are required to sign an NDA agreement at the time of hire.
  • All new hires at MRM are thoroughly briefed on the importance of security and the sensitive nature of the data stored by Millennium Records Management.
  • Maintain unmarked facilities
  • Close facility to public and keep doors locked at all times
  • Employ a professional security service which monitors alarm system 24/7
  • Professional surveillance system installed throughout the facility, covering all exits, with movement throughout the facility recorded 24/7
  • Employ movement guarded, pervasive motion detectors
  • Ensure all visitors are accompanied by a Millennium representative
  • Equip facility with a fire protection system which exceeds NFPA (National Fire Protection Association) mandated standards

Other important information

Millennium has Windows-based computer software that is designed specifically for information management. Our Total Recall Software provides total management of your records from bar coding to detailed analysis and reporting by any specific classification or by individual file.

All of these measures are directed toward securing our clients' information and preventing a disaster. In a hard copy environment, disaster recovery in itself is problematical. Once paper documents are consumed by fire they are gone forever. To further augment our prevention strategy, we place our clients' records throughout the warehouse rather than in one location to mitigate a loss, since disaster losses usually occur on an isolated basis. Finally, any occurrence could be quickly controlled since our alarm rings directly into the fire department and the fire department is less than 1/10 of a mile away.


Millennium Records Management, 199 Dean Avenue, Franklin, MA 02028, 508-541-3100 service@manageinfo.com