HIPAA Compliance
The Administrative Simplification provisions of the Health Insurance Portability
and Accountability Act of 1996 (HIPAA, Title II) require the Department of
Health and Human Services to establish national standards for electronic health care
transactions and national identifiers for providers, health plans and employers.
It also addresses the security and privacy of health data. Adopting these standards
will improve the efficiency and effectiveness of the of the nation's health care
system by encouraging the widespread use of electronic data exchange in health care.
CardioPulse was designed to aid the provider to meet certain HIPAA requirements:
- CardioPulse will track Notice of Privacy Practices per patient. As of April 14, 2003 all providers must distribute, to all existing patients and new patients, a notice of privacy practice.
- CardioPulse will sign a business associate agreement with each provider to adhere to HIPAA compliancy.
- A large area of the security portion of HIPAA requires each provider maintain
a disaster recovery plan. All provider records administered by CardioPulse are
delivered over multiple-redundant power supplies. Provider files are backed up
each day and the back up tapes are then stored in a fireproof safe (protection
up to 1 full hour in fires up to 1700 degrees Fahrenheit). - CardioPulse provides a firewall and audit trails.
- HIPAA requires the removal of 18 elements from a patients chart in order to
submit patient information for research, marketing or fundraising. CardioPulse easily aids in the removal of this information. - Wireless technology and palm pilots all fall under HIPAA regulations. Our
technical staff will help your hospital/practice meet compliancy for this technology
by helping to setup passwords and ensuring the PHI does not become available
while using wireless technology. - All faxing of PHI will need to meet certain standards to fall within the HIPAA
guidelines. CardioPulse helps meet compliancy via fax cover sheets and audit trails.
