Technology

Scribe Technology Solution’s intelligent modular technology provides integrated end-to-end clinical information management solutions for its customers in an evolutionary, not revolutionary, manner. Our simple, practical building blocks provide users with access to increasing levels of functionality when they are prepared to use it. As a result, change is minimal, but workflow is simplified.


Architecture and Security

The Scribe platform operates as a web-based software-as-a-service (SaaS) system in conjunction with a mobile-based application for users. It is highly scalable due to its modular nature, which allows us to simply add more “processing farms” to meet increased demand. The underlying architecture is based on proven technologies including Microsoft SQL, Elasticsearch, Node.js, and ASP.NET. Our mobile solutions are both native iOS applications and React Native cross-platform applications. All communications between our applications, websites and the backend systems are sent securely over 2048 bit HTTPS encryption.

Additional applications focus on voice processing, HL7 integrations, messaging and communications, document/encounter processing, workflow management, reporting and analysis, and administration on top of a variety of scalable databases.

The underlying systems in our production data center are built on AWS (Amazon Web Services)  architecture, running on Windows 2016 Servers, and using various HIPAA compliant AWS services. The robust AWS environment significantly enhances our reliability, disaster recovery, and scalability.  This further allows us to scale quickly and efficiently using our modular components.  In fact, we have built systems that automatically respond to user load and spin up new systems at AWS as required to meet service level requirements.

All systems are monitored and protected 24×7 by AWS monitoring systems along with our own internal production infrastructure monitoring dashboards. We protect our web-hosted solutions by using Cloudflare as our DNS hosting solution. Information is delivered over the web using HTTPS 2048 byte encryption with Thawte SSL certificates and Cloudflare certificates.

Internal access to production systems is tightly controlled and monitored with only key personnel having production level access. Our developers are restricted to development platforms allowing us to easily provide HIPAA compliance. User access and communication of records is automatically tracked by the system and available via our web interface for users to review, monitor and report on as needed under their own internal policies.

Our mobile application access is highly secure as well.  Audio files and other media files captured and/or displayed by our app are “firewalled” and not accessible from other applications.   In addition, all files in the application are encrypted.

Access to the mobile application itself is password protected and can work in conjunction with TouchID if desired. If a mobile device is locked, a user would first need to unlock the device and then log in to our application. Password policy for the mobile application is determined by each organization.

The Scribe Platform provides a wealth of flexible permission options that allow administrators to craft role and permission/password structures that match the needs of their internal privacy and security policies. This includes, but is not limited to, minimum password lengths and formats, as well as password expiration policies.

Scribe personnel working within external systems are securely connected to the Scribe workflow platform via the web for access to documentation and other information required to complete the encounter with unique user-ids and passwords.  To connect to external systems we utilize AWS cloud based server systems that only authorized personnel have access to.  Users are assigned to specific accounts and servers to complete their tasks. These servers allow either web or remote desktop access to the actual external system.  These connections can be accomplished with or without a VPN connection to the server.  Authorization to these systems can be tightly controlled as personnel changes occur.  In limited cases, user access is allowed using personnel’s local computer systems.  In those cases, access is tightly controlled through our production administrators.

Where APIs exist, communication of information to and from external systems is done using secure TLS/SSL, unique private keys, and encrypted authorization to the external system.  Traditional HL7 integrations are secured through site-to-site VPNs established directly to our production integration servers.


Production Environment

Scribe runs a state-of-the-art production environment at AWS (Amazon Web Services). With AWS we have the ability to easily back up and provide disaster recovery for our systems. AWS provides a multi-point Internet connection so that uptime and accessibility are maximized. AWS is the premier cloud-based services provider and has certifications by all major certifying organizations including HIPAA and SOC (see https://aws.amazon.com/compliance/ for a complete discussion of the AWS environment).

AWS facilities are linked by high speed connections for production load balancing, backup, and disaster recovery for web access, data storage and telephony. Mirroring of data between the two facilities is accomplished using SQL replication. Telephony systems have redundant circuits provided by NuWave (our telephony provider) for maximum scalability and reliability. Circuits automatically roll between data centers based on capacity needs and availability.

The AWS solution is unique and highly secure and scalable.  A white paper that details all the security policies and procedures for AWS is available here https://aws.amazon.com/whitepapers/overview-of-security-processes/


Monitoring

Our systems are constantly being monitored by AWS to ensure both uptime and acceptable system response times. The production systems themselves monitor a variety of critical functions and we use a variety of open source monitoring tools to monitor other critical functions. Key metrics are stored in Elasticsearch and presented to operational and technical teams through a variety of dashboards. Out-of-tolerance application alerts are swiftly provided to the operational and technical teams, and are also viewable on their corresponding dashboards.


HIPAA Compliance



Meaningful Use

The Scribe Platform has been certified to meet meaningful use certification criteria for EHR modules 170.314(a)(9), (g)(1), (g)(4). http://infogard.com/healthcare_it/onc_certification/ehr_certificates