Security and Confidentiality

Net Transcripts’ platforms have been specifically developed to facilitate the encrypted transfer of recorded media and transcribed documents. The following standards and procedures have been implemented to ensure the integrity and confidentiality of every file we process.

Data Center

The Company utilizes Microsoft Azure Government Cloud as its provider to host and store all files. The Azure Government Cloud and infrastructure are Department of Defense Level 5 certified. Azure Government is compliant with FedRAMP High and Moderate, DoD Impact Level 2 PA, 4 PA and 5 PA,CJIS in 29 states, HIPPA and IRS 1075.

Data Encryption

Files transferred via the Transcript Management Center are authenticated and encrypted through the use of a 256-bit SSL certificate and asymmetric 2,048-bit RSA key, establishing a secure HTTPS operating environment.

Chain of Custody Tracking

Transcription orders are tracked from the time they are placed until completed. Customers, transcribers, employees and administrators all have unique access credentials which are used to log activity and control file access.

Data Retention

Completed transcripts can be securely retrieved from the Transcript Management Center for up to 90 days, after which the recordings are automatically purged, and transcripts are archived for up to three years.

Local Area Network

Network Access Protection and Microsoft PKI for Windows Server 2013 enable clients to exchange information with enhanced security, and restrict them from accessing the network until the client can prove policy compliance.

Workstations

All workstations are individually password protected, programmed to log off after 10 minutes of inactivity and automatically update to run the most current versions of anti-virus, anti-spyware and anti-malware software.

Physical Security

Our facility is secured by video surveillance and alarm monitoring systems. Entry and exit is restricted by electronic access cards and a biometric scanner. Analog media is stored in a locked evidence cabinet until it is returned or professionally shredded on site.

All transcripts are processed in the United States by our highly skilled personnel. All of Net Transcripts’ employees and contractors undergo a screening and vetting process which includes:

• Electronic verification (E-Verify) of United States citizenship
• Nationwide search for public records of felonies and misdemeanor offenses
• Checked against the National Sexual Offenders Registry
• Persons with felony arrests or involvement with misdemeanors of moral turpitude, perjury or false statement issues are excluded
• Federal Tax Identification Numbers are confirmed and a complete home address and employment history is verified
• Identities are confirmed by local law enforcement using FBI Fingerprint Cards which are maintained on file
• Rigorous assessment process, routine performance reviews and work quality audits

All employees and contractors are bound by a comprehensive Confidentiality Agreement, which includes specific Conflict of Interest provisions. These agreements are meant to protect and preserve the confidentiality and privacy of all information, including:

• Any material contained on audio/video recordings, including named parties and subject content
• The identities of Net Transcripts’ customers, and any agreements between Net Transcripts and those customers
• Any additional information derived from or related to work performance

Additionally, our systems have been designed to minimize potential conflicts of interest by utilizing job assignment methodologies that limit job types to specific personnel based upon a controlled vetting and approval process.

Net Transcripts is compliant with the following Federal and Industry specified mandates:

• Criminal Justice Information Systems (CJIS) compliant file transfers
• Department of Defense Federal Acquisition Regulation requirements
• FedRAMP Program P-ATOs and ATOs
• FIPS 140-2 Minimum Security Requirements for Federal Info Processing Standard
• HIPAA compliant confidentiality agreements
• MARS-E US Minimum Acceptable Risk Standards for Exchanges
• US NIST 800-171 security requirements

It is our purpose to provide government agencies with a secure, cost-effective alternative for the transcription of highly sensitive, confidential information.