Dragon MT Workflow System is HIPAA compliant and it has done this with the programs that are described below.

• Nuance has implemented policies to ensure internal HIPAA compliance. In this vein, we have published and implemented internal policies and guidelines that ensure our compliance with the HIPAA Privacy Standards as well as the Security Standards as they pertain to Administrative, Physical, and Technical Safeguards. These guidelines govern such areas as authorized system access based upon a minimum necessary standard, document handling and disposal and electronic and phone conversations. We ensure both implementation and periodic training of our workforce.
• As a technology provider, Nuance provides the core technology to help achieve HIPAA compliance, but it is beholden on customers to implement the appropriate policies and procedures to ensure full compliance. From a product perspective, our system complies with the required Technical Safeguards on Security (including those necessary to meet the Privacy Standards). This includes, for example, unique user identification, 128bit SSL encryption, and integrity controls. When we provide our services as an ASP, we also implement the Administrative and Physical Safeguards necessary to ensure that our clients are compliant with the Security Standards.
• HIPAA Audit - In support of the HIPAA regulations, Nuance keeps a complete audit history of all document activity, from dictation, to transcription to distribution. This functionality is available to the MT Administrator and can be used to quickly determine the full access history of a given job.