About SYSTOC

SYSTOC ® is a practice management program with a built-in electronic medical record designed to handle the needs of occupational medicine clinics across the United States. It makes occupational health services more effective by enabling you to record and analyze all aspects of a patient's evaluation and treatment, streamline operations, and increase your accuracy.

SYSTOC is a desktop application that uses Windows network security to protect access to the database and the chart files. The application maintains separate logins to identify users and allow auditing of access to a patient's medical record.

Two ancillary applications expand the feature set:
  • SYSTOC_EDITM is a desktop application used to electronically bill clinic services to third party clearinghouses. It uses a SYSTOC login to restrict access to data.
  • iSYSTOCTM is a web-based application that allows a clinic's employer customers access to work-related health information about employees seen at the clinic. The types of information available include work status, work restrictions, immunizations, and negative drug test results. iSYSTOC is installed on a customer's web server and users are authenticated against the customer's SYSTOC database using SYSTOC user accounts.

SYSTOC stores its data on a Microsoft® SQL Server database and uses Windows authentication to permit access to the database. Users may also use a SQL Server user login and password in certain circumstances.

Security Best Practices

UL EHS Sustainability recommends that customers follow these security best practices:
  • Configure user access in the system according to users' roles and responsibilities. Users should have the minimum level of security access needed to perform their job tasks in the system.
  • Train system users on the importance of maintaining the confidentiality of their system passwords. If users ever share their passwords with another user, UL EHS Sustainability recommends that they change their password immediately.
  • Require employees to change their company-assigned passwords the first time they log in to the system.
  • Require or recommend that their users change their passwords every 90 days or another frequency.
  • Require or recommend that their users create more complex passwords that have a minimum of 8 characters and that use symbols or numbers in addition to letters.

Privacy- or Security-Related Inquiries

For privacy- or security-related inquiries only, email the UL EHS Sustainability Privacy Officer at privacy-security@ul.com.