The Health Insurance Portability and Accountability Act (HIPAA) of 1996 tasks the Department of Health and Human Services (HHS) with establishing national standards for electronic health care transactions and national identifiers for providers, health plans, and employers that are involved with certain electronic health transactions, including claims, enrollment, eligibility, payment and coordination of benefits. It specifically addresses the security and privacy of health record data through security of health information systems. As required by Congress, the Privacy Rule covers health plans, health care clearinghouses, and those health care providers who conduct certain financial and administrative transactions electronically. These electronic transactions are those for which standards are required to be adopted by the Secretary under HIPAA, such as electronic billing and fund transfers. These entities (collectively called "covered entities") are bound by the new privacy standards even if they contract with others (called "business associates") to perform some of their essential functions.
How UbiStor Can Help
UbiStor’s online data backup and recovery solutions employ HIPAA-compliant, over-the-wire encryption ensuring that health care organizations and related business associates trying to standardize their electronic data backup and storage will meet confidentiality and security standards with the following solutions:
Storing health records with UbiStor’s online backup and recovery solutions gives organizations confidence that confidential data is secure, yet quickly accessible. Electronically transporting records using industry-standard encryption to off-site secure locations where the data remains encrypted eliminates the chance of any unethical access or breach of information privacy laws.
UbiStor’s online backup and recovery solutions and managed services can help health care providers and related businesses who administer health plans, health care clearinghouses and those who conduct certain financial and administrative transactions electronically adhere to HIPAA by:
- Storing data at highly secure, off-site locations.
- Ensuring that critical records and communications remain encrypted.
- Utilizing disk-to-disk backup and retrieval, avoiding the hassles of backup tapes.
- Offering specialized solutions for storing, monitoring and archiving email and instant messages.
HIPAA contains the standards required to protect patient information and data records:
- Providing information to patients about their privacy rights and how their information can be used.
- Adopting clear privacy procedures for its practice, hospital, or plan.
- Training employees so that they understand the privacy procedures.
- Designating an individual to be responsible for seeing that the privacy procedures are adopted and followed.
- Securing patient records containing individually identifiable health information so that they are not readily available to those who do not need them.
Complete HIPAA Standards (pdf)
Additional information can be found by visiting the US Department of Health and Human Services at http://www.hhs.gov/ocr/hipaa/