HIPAA Compliance
The Administrative Simplification provisions of the Health Insurance Portability
and Accountability Act of 1996 (HIPAA, Title II) require the Department of
Health and Human Services to establish national standards for electronic health care
transactions and national identifiers for providers, health plans and employers.
They also address the security and privacy of health data. Adopting these standards
will improve the efficiency and effectiveness of the nation's health care
system by encouraging the widespread use of electronic data exchange in health care.
CAOS was designed to help the provider meet certain HIPAA requirements:
- CAOS will track Notice of Privacy Practices per patient. As of April 14, 2003 all
providers must distribute, to all existing patients and new patients, a notice of
privacy practice.
- CAOS will sign a business associate agreement with each provider to adhere to
HIPAA compliance.
- A large area of the security portion of HIPAA requires each provider to maintain
a disaster recovery plan. All provider records administered by CAOS are
delivered over multiple-redundant power supplies. Provider files are backed up
each day and the backup tapes are then stored in a fireproof safe (protection
up to 1 full hour in fires up to 1700 degrees Fahrenheit).
- CAOS provides a firewall and audit trails.
- HIPAA requires the removal of 18 elements from a patient's chart in order to
submit patient information for research, marketing or fundraising. CAOS easily
aids in the removal of this information.
- Wireless technology and palm pilots all fall under HIPAA regulations. Our
technical staff will help your hospital/practice meet compliance for this technology
by helping to set up passwords and ensuring the PHI does not become available
while using wireless technology.
- All faxing of PHI will need to meet certain standards to fall within the HIPAA
guidelines. CAOS helps meet compliance via fax cover sheets and audit trails.




