HIPAA
What is it?
Our medical transcription process strictly adheres to the HIPAA or Health Insurance Portability and Accountability Act. HIPAA is a collection of regulatory and legal requirements designed to govern the increased electronic transfer of health relation information.
This law is mandatory and ensures the continuity of healthcare coverage for individuals. It includes stringent provisions that has a huge impact on the management of health information, and it also helps in simplifying the administration of health insurance and aims to combat waste, fraud and abuse in healthcare and health insurance.
The objective of HIPAA
The prime objective of this organization which came into force in 1996 is to protect and safeguard the patient information, while it is transmitted over the internet.
We, at Oriental Solutions have been focused on this objective from the day we started the process of medical transcription. We know how important and confidential is to safeguard the patient’s information and HIPAA regulations have been very helpful in maintaining it.
HIPAA guidelines are today creating improvement in healthcare industry.
In Oriental Solutions, we follow a set of administrative procedures and policies that are based on HIPAA guidelines, to protect the confidentiality and integrity of all the information, related to the patient. This security of patient information calls for a signing an NDA (non-disclosure agreement) or confidentiality statement by all associates.
We ensure that all our services exceed the HIPAA guidelines in the four categories:
- AdministrativeProcedures
- Physical Safeguards
- Security Services
- Security Mechanisms
HIPAA Questionnare
- Do you have policies and procedures for ensuring the privacy of its clients' Protected Health Information (PHI)?
- Do you have a formal privacy awareness, education and training program available to its workforce?
- Have you conducted a formal assessment of the sensitivity, vulnerability security of its programs and the client PHI it receives?
- Have you conducted a technical and non-technical evaluation of the implemented security standards?
- Do you maintain audit logs of system activity to monitor processing, sharing and transmitting of PHI?
- Are unique user identification codes required in order to access systems that process or manipulate client PHI?
- Do your systems used to process or manipulate client PHI automatically log out following a period of inactivity?
- Does Oriental Solutions employ a particular individual who is assigned responsibility for information security?
All the privacy and security guidelines are updated periodically based on the inputs given by the HIPAA consultants.
To know more on HIPAA, click on the link: http://www.hipaa.org
Our contribution towards the goal of protecting the health information:
- Encryption technology for transmission of information
- Security measures to assure that the production facility and our corporate office is safeguarded from unauthorized individuals
- Restricted users to data center. Restricted entry via IDs and password that has to be changed periodically.
- Measures in place that ensures any user passing by a workstation could not inadvertently access patient information
- Data backup and storage plan in place
- Availability of patient data via redundant computer system
- Systematic audit trails that traces all actions from audio file input through completed report distribution
- User access privileges that are based on title, experience level, department or access requirements assigned by the organization
Association with HIPAA
We help in assisting our clients in the ongoing process of negotiating and finalizing the required business associate requirements.
Moving forward, we are making efforts to be knowledgeable and responsive with regards to any changes in the final privacy rule and security rule as well as to act as a compliant business associate.
We work with the most trusted companies and use the industry’s most cutting edge technologies to deliver, updated and manage security & compliance mechanisms in a safe environment for all your transcription data.
The login information is stored on our physically secure servers in an encrypted format which makes it completely protected and unreadable from external harm and any fraudulent activity.
We ensure that all the data stored is protected by firewall, to avoid any intrusion and hacking. The secured networks assigned by us have a “non-routable” network addresses that are invalid for use on the public internet and cannot be accessed directly.
Data is regularly saved using on-line and off-line data backup system and is kept in a fireproof setup protected by security guards round the clock.