HIPAA COMPLIANT
HIPAA compliance measures require stringent health care security and privacy practices
that are intended to ensure patient confidentiality for all health care related
information. Keeping these regulations in mind, AMIS™
is backed by technology and coding amenable to all HIPAA policies and is open to
current and future HIPAA policies. Electronic, patient-identifiable health data is to be protected across
the board, uniformly. In additions, technical security and mechanisms plus specific
administrative processes and physical security safeguards are to secure patient
data protection. This includes reliable storage of electronic data and emergency
access to that data.
The ultimate objective of HIPAA is to increase the efficiency and effectiveness
of health information systems through improvements in electronic health care transactions
as well as to maintain the security and privacy of individually identifiable health
information. Our products will save you hundreds of hours in becoming compliant
and staying there.
A brief look on how we empower you with HIPAA compliance:
Physical Security
AMIS™
has built in strong physical security measures. These are a combination of special
hardware and specific software measures to ensure security of the applications,
web site, servers
and databases. Backed by firewall technology, all incoming traffic is intercepted
to allow access to authorized users only. All critical systems are monitored 24/7
by experts trained in all aspects of physical and technical security.
User Authentication Security
Backed by proprietary software applications, AMIS™
controls access to restricted areas of the web site and database via login authentication.
An automatic log off feature is in place to prevent unauthorized access to information
in the event of the original user leaving the workstation without logging off.
Internal Audit
We record and regularly review all system activities, including but not limited
to, login, file access and security events. AMIS™
uses this audit system to assess and critique its technical security measures.
Personnel Policies
Access to patient data is limited only to those employees who are liable to perform
related tasks. Each employee is inherently made conscious to the fact that data
accessed through their job functions is to be safeguarded and should not be disclosed
to unauthorized parties. New employees are trained on all security systems and privacy
policies during their initial orientation process.
Contingency Plan
AMIS™
has developed an emergency response plan, which is routinely updated and includes
disaster recovery, data backup, as well as testing and revision procedures. This
ensures our preparedness for any eventuality or contingency.
Privacy
Compliance had to be met, regarding specific standards for patient notification and
the specificities on disclosure of patient healthcare data - paper, verbal or electronic.
Now all providers must give patients a Notice of Privacy Practices and attain signed
authorization from patients for release of their healthcare information in matters of
treatment, payment or other healthcare operations. Also, providers are required to appoint a
Privacy Officer, develop/implement HIPAA-compliant policies and procedures and train staff in HIPAA privacy policies.
Meanwhile, patients maintain the right to access their data, attain records of various data disclosures, request amendments to
their data and request special restrictions on data use or data disclosure.
|