Internal Audit #160403

 

An internal audit will be conducted by Omega Forms on a routine basis. The results of this audit are made public to allow clients visibility in the operations and safeguards relating to the services they have with Omega Forms.

 

Security Review

1. Servers’ logs examined for intrusions and abnormal behavior.
– No breaches. No unexplained events.

2. Servers patched with latest updates.
– All patches reviewed and applied.

3. Services tested to ensure services operational.
-All services functioning. The Cloud Storage failure from last month did not result in immediate error messages for users; this will be resolved in the new v16 platform.

4. Infrastructure reviewed to ensure platform needs are met.
-All software, hardware, and network components are operating within established parameters.

HIPAA Compliance Reporting

1. Test last backup of client data and PHI on a computer that can serve as an emergency access point.
– Tested and passed.

2. Check for updates to the HIPAA Administrative Simplification Regulation Text.
– March 2013 revision remains current version.

3. Review Omega Forms’s Established Protocols.
– Reviewed.

4. Review any inquires about Omega Forms’s Established Protocols from any client.
– No inquires received.

Code of Conduct for Employees (HIPAA Sanction Policy):

1. Only perform work on authorized computing devices.
2. Do not expose any proprietary information or CD (client data, including client protected health information) to individuals not part of the Omega Forms workforce (including public and other clients).
3. Always favor test data: limit access to CD whenever possible.
4. Use RAM drives when working with CD.
5. Do not talk about, alter, write down, or make personal use of any CD.
6. Do not share or write down computer access points and codes.
7. Lock your computer when not in use.
8. Do not discuss details that identify previous employers with clients.

Any violations of the Code will result in a logged account of the details surrounding the violation. The logged accounts will be reviewed during this Internal Audit and any punitive measures deemed necessary will be taken. Gross offences may demand immediate punitive measure including termination of employment, civil penalties, or criminal penalties.

2 updates

  1. The Status of Services has been adjusted to account for the current drop in quality of Internet service for Web Home Access. The newest version of OmegaForms has been adjusted to operate satisfactory under similar environments; impact to video services for newest version yet to be determined but should remain viable. Options exist where greater quality connectivity is required.

  2. The quality of Internet service has been restored to values before 4/11/2016 for Web Home Access. The Status of Services will not be adjusted back to previous standings as the newest versions of OmegaForms are now updated to operate with less than ideal network connectivity.