.jpg)
Health Insurance Portability and Accountability Act
At MedTech we are committed to protecting the confidentiality, integrity, and availability of Protected Health Information against reasonably anticipated threats or hazards to its security, and against reasonably anticipated uses or disclosures that are not permitted.
We achieve this goal through a variety of procedures:
- Documents containing Protected Health Information are disposed of in a locked, tamper-proof box and shredded bi-monthly by an outside service with which MedTech has a Business Associate's Agreement.
- Faxes and E-mails contain a disclosure statement instructing the receiver to handle the item according to HIPAA regulations.
- Records are not released without a written authorization from the patient.
- Information is hand-delivered whenever possible within our organization to deter mishandling of documents.
- Use of unidentified, personal diskettes on any computer or network is not permitted within the organization.
- Changes to health information are requested in writing.
- Mishandled privacy issues are directed to the Privacy Officer, documented and handled accordingly.
Privacy
Since the final privacy rule was published, MedTech has taken many steps to ensure that privacy is priority:
Computer Networks and Systems have Security access Mechanisms in Place
Access is granted on a need-to-know basis.
Business Associate Agreements
Agreements are in place with our associates to ensure privacy is
maintained at all times.
Billing Department Structure
Dedicated fax lines and modems.
System access given on a need-to-know basis.
Information is stored in secure, designated areas.
Communications
Patient account information is discussed with the patient or guarantor only.
Patient Records
Stored in fireproof file cabinet in secure, designated areas.
Warehoused in locked facility.
Employee Education
Employees sign a Confidentiality Agreement upon employment.
In-house seminars are held regarding patient confidentiality and patient rights.
