HIPAA Compliance of Apollo and HealthView

LUMEDX Corporation has consistently met or exceeded the security standards required by the original HIPAA Act, and has updated its internal standards to meet the HITECH Act and the HIPAA Omnibus Final Rule of Jan 25th 2013. Additionally, Lumedx monitors and updates its policies to comply with state-based data privacy laws.

Privacy and security are the essence of our software solutions, and we invite you to read our Privacy and Security Policy, our Editorial and Advertising Policy, and our Terms and Conditions of Use. Feel free to browse throughout LUMEDX.com, and please read our Mission Statement in the "About Us" section of LUMEDX.com.

We have taken proactive product development efforts to enhance Apollo to enable our customers with the HIPAA-compliant security features. Specifically:

  • Ability to set minimum and maximum length password for user passwords
  • Requires alpha, numeric, non-alpha numeric, upper case or lower case characters in password
  • Mandatory password change by establishes process for the SA to require mandatory password changes at set intervals
  • Allows users with proper permission to lock patient records at the event level
  • Ability to lock individual workstation
  • Provides automatic shutdown of Apollo Advance workstations
  • Multiple instances of Apollo Advance running on a single workstation will be supported, allowing users to continue to use the workstation

Additional security features include:

  • Audit Trail: Strengthens the current audit trail to track users who change passwords, have auto shutdown sessions, etc.
  • Secret Question: Stores a secret question and answer to identify a user remotely in case their password is forgotten, provides a new one
  • Increased capacity for NoAccess Filters: Increased the number of entries an SA can have to restrict access to a particular filter

HealthView HIPAA compliance

HealthView incorporates a security policy that:

  • Ensures the integrity and confidentiality of information
  • Protects against reasonably anticipated threats or hazards to the security or integrity of the information
  • Protects against unauthorized use or disclosure of information