Your Protected Health Information Is Secure With Us
3DR Laboratories has developed a highly sophisticated, proprietary system. This software called 3DQ™ allows us to:
- Transmit large DICOM image files to and from hundreds of hospitals
- Timestamp and monitor all internal/external data movements
- Schedule the assignment and processing of clinical cases to our radiological technologists within guaranteed Turnaround Times (TAT’s)
- Customize the clinical protocols used to satisfy the requirements of each client
- Measure and monitor the quality of the work performed by our technologists on behalf of our clients
- Provide a complete, auditable archive of all access, viewing and modifications to each patient’s clinical data
- Produce accurate Monthly Case Reports and Invoices for the services 3DR provides to its clients
- Satisfy all relevant privacy and security regulations specified in the OMNIBUS HIPAA HITECH Act and other Federal and State laws impacting these activities
In order to document its compliance with HIPAA/HITECH regulations and security concerns, 3DR has implemented a formal process under which independent auditors perform an annual audit of its internal systems of controls, policies and procedures associated with its internal systems infrastructure. This annual review has resulted in 3DR Laboratories becoming a holder of a SSAE 16 SOC 2 Type 2 System Security Report.
Sponsored by and prepared by accredited members of the American Institute of Certified Public Accountants, Service Organization Control (SOC) reports are intended to meet the needs of a broad range of users that need to understand internal control at a Service Organization (such as 3DR) as it relates to security, availability, processing, integrity, confidentiality and privacy. The various levels of SOC Reports are derived from consulting engagements performed by qualified CPA firms under the strict guidelines of the AICPA Guide: Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing, Integrity, Confidentiality, or Privacy. These reports are intended for use by stakeholders (e.g., customers, regulators, business partners, suppliers, directors) of the Service Organization that have a thorough understanding of the Service Organization and its internal controls.
There are several levels of SOC Reports; however, the SOC 2 Type 2 Report is the most rigorous and comprehensive report for which to attain certification.