Public Statement on TAS United’s Security Access
Protecting privacy is the number one priority for TAS United. Our compliance reflects our commitment to support the highest standards for data processing controls, data security and privacy. We have successfully completed the rigorous independent audit required of the HITRUST and PCI standard. This means you can have complete confidence that your critical data and infrastructure is handled in a facility which employs stringent internal business processes and IT controls for the services provided.
HITRUST Certification
HITRUST and ISO 27001 are considered interchangeable. A HITRUST certification means TAS United meets nationally recognized standards that pertain to Information Security Management Systems (ISMS) and related procedures, such as information security incident management. HITRUST stands for the Health Information Trust Alliance and is the leading information security framework for the healthcare industry. The HITRUST common security framework (CSF) is considered the “gold standard” of healthcare data security. It was developed to address the multitude of security, privacy and regulatory challenges facing healthcare organizations through a comprehensive and flexible framework of prescriptive and scalable security controls.
As a technology focused call center, TAS United recognized that hospitals, home healthcare providers, as well as solo and group practices demand the highest level of PHI security. HITRUST includes federal and state regulations, standards, and frameworks, and incorporates a risk-based approach that provides specific criteria to assess the protection of confidentiality, integrity, and availability of information systems which are relevant to healthcare. The certification process requires every department and employee to complete HIPAA protocols. HITRUST certification provides liability protection and PHI security for all TAS United clients.
PCI Certification
TAS United is PCI certified with annual third-party audits. The Payment Card Industry Data Security Standard is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council, and its use is mandated by the card brands.
Privacy Program
Closely accompanying our information security program is our privacy program. TAS United complies with privacy legislation already enacted in several states in the US. Among parts of this program is the “Right to Be Forgotten,” which reflects the claim of an individual to have certain data deleted so they can no longer be traced. TAS United extends the protection of our privacy program to all customers, regardless of if they are covered by privacy legislation.
Multi-Factor Authentication and Layered Security
Multi-Factor Authentication offers multiple enhanced layers of security. When accessing TAS United’s secure portal and other accounts, users must provide additional identity verification from Microsoft Azure through their phone, which is already buttressed by secure methods to unlock. This process ensures that only the intended user can access TAS United’s platform.
Encryption
TAS United uses the latest encryption technology to ensure that private information cannot be intercepted by unauthorized users. When your callers provide sensitive information, instead of SMS/MMS messages, we can send the requested information back to the client in an encrypted format called MiSecure that only the end user can read.
Facilities
TAS United currently operates three call center locations. This allows for continuous call processing in the event of weather or other geographical issues. Each location is equipped with security unmatched in our industry. Badge access, security cameras, and a digital management system identify the location of each individual throughout the building. Access is managed to various sensitive areas throughout each facility.
Organization and Management of Security at TAS United
TAS United takes information security very seriously and has representation and sponsorship at the executive level. The company employs a manager of the Support Services Division, who is dedicated to directing information security and data protection activities. The company has trained and experienced staff developing and operating information systems. TAS United has implemented a segregation of duties to protect critical functions. Security is considered in all projects the company undertakes.
Questions or Concerns?
Contact our Compliance officer at compliance@tasunited.com or call today at (855) 555-5555.