Oriental Solutions and its subsidiary companies are registered with ICO and has appointed a Data Protection Officer.

All Management and production staff sign non-disclosure agreements and affidavit of declaration to protect PHI data.

All staff who have access to PHI are recruited only after a successful background check / local police verification is completed.

Our staff undergo HIPAA & GDPR training as part of their induction and are regularly educated of the changing policies.

All production staff use our proprietary work-flow application to access voice files and typed documents which are stored only in the Data Center.

Complete audit trail is maintained by the work-flow application and only authorized users are allowed to access data.

Our Data & Applications are hosted in UK & US, both these data centers are Level 3 centers with ISO 9001, ISO 27001, ISO 22301 certification and PCI DSS compliant.

Our secretaries use RDP access to the practice management application which is again secured by dual access authentication and FOB passwords.

At no point of time data is not downloaded from the RDP terminals and any such downloads are authorized by Data Protection Officer.

Oriental Solutions gets clear mandates while signing service agreements for Data retention and PHI data is removed as per the mandate.