GIT is a HIPAA Compliance Company

HIPAA, the Health Insurance Portability and Accountability Act of 1996, is revolutionizing healthcare information management. Any organization that electronically stores or transmits patient information must take enterprise-wide steps to adhere to HIPAA's sweeping privacy, security and transactions standards. Essentially, HIPAA requires healthcare entities to "re-architect" how they capture, store, and transmit health data and to ensure that they protect personal health information and the privacy rights of patients.

Is GIT subject to HIPAA rules?

Under the HIPAA Privacy Rule, "HealthOffice" falls under the extension of Business Associate. A Business Associate (BA) is any person or entity that performs a function or activity on behalf of a Covered Entity (CE) that involves the use or disclosure of Protected Health Information (PHI).

GIT considers the HIPAA regulations a call to revolutionize its overall processes and aggressively move towards a more secure deployment of electronically transmitted healthcare information. By adopting a best practices approach to privacy and security, we earn the confidence of our clients. Confidence equates to loyalty, and loyalty will help leverage our business to obtain untapped, parallel business.

HIPAA Initiatives @ GIT

1. Every employee signs a confidentiality agreement (NDA) with severe penalties for HIPAA violations.

2. Each user has unique login, power-on and screensaver passwords.

3. Access to applications/databases is defined on a 'need to know' and 'Minimum Necessary' basis and with respect to the job profile.

4. Physical restrictions prevent unauthorized persons from entering the work area and network center.

5. Firewall protection for the internal network from the World Wide Web.

6. Enterprise-wide multiple virus protection system.

7. Encryption on web-based applications (based on the client's requirements and technical facility).

8. Training for all staff on HIPAA.

9. Staff do not share any of their passwords.

10. Staff do not discuss or disclose PHI unless it is necessary for operations or processing.

11. Even when PHI is discussed or disclosed, staff make sure it is limited to the "Minimum Necessity".

12. Personal identifiers such as patient name, name of facility, SSN, etc. are removed when files containing PHI are sent back to the client in case of any doubts or for any other purpose.


 

 