Free Medisoft Tech Help- Medisoft V26, Medisoft Clinical EHR & More- Courtesy Support Resource

Gavin,
I have isolated three (3) IP addresses that I believe are associated with McKesson software products including Medisoft PM, Office Hours and Medisoft Clinical.

The IP address are on the Amazon S3 server as follows:
207.171.185.201
207.171.163.226
207.171.189.81

I know that McKesson software products are authenticated by means of a remote server. Also, I know that the Formulary Downloader uses the Amazon S3 server.

I need to verify that these IP addresses are for McKesson software products for uploading/downloading Rx data when the Formulary Downloader is enabled. Also, I need to verify that no PHI is being uploaded/downloaded on the Amazon S3 servers.

The matter of what external resources McKesson software connects to is a key security question for all Medisoft clients as it directly affects the risk management HIPAA requirement.

Any assistance that you can provide is greatly appreciated.

I do believe McKesson spells out what they will/will not do with HIPAA protected patient health information in their clinical services and maintenance agreement. If you do not have a copy of this, you should get this from your re-seller or McKesson directly. Basically it says they will abide by the HIPAA HITECH regulation. The document does not list where the servers are located and they could be moved at any time.

If you are worried about Amazon's security, I have studied them and I use them for my backup service. Their servers are more secure than you or I could make a server be secure. I am glad to hear McKesson is using Amazon now because they were running out of bandwidth where ever their old server was.