The Health Insurance Portability and Accountability Act became law in August 1996. Known as HIPPA, it was designed to set in motion a series of widespread measures focusing on simplifying the processing and distribution of medical information, improving the portability of health Insurance, giving patients access to medical information, and protecting patient data that is stored, processed, or transmitted across public networks.
A Web Site that is “HIPPA-compliant” is one that provides the physical and technological security measures required to ensure that any patient information, physician-patient correspondence and other sensitive information remains secure, confidential and unable to be digitally intercepted or otherwise accessed by outside parties. In short, a “HIPPA-compliant” Web Site means all required steps have been taken to keep private information private – It’s a “safe” Web Site.
We exercise great care in providing secure transmission of your information from your computer to our servers. When you transmit personal information to us, we encrypt it using Secure Socket Layer (128 bit SSL), the industry-standard encryption technology. Encryption provides a secure means to protect your information as it passes over the Web to our servers.
Our employees and contractors have occasional, legitimate needs to access our data servers for purposes of system troubleshooting and maintenance. We ensure that such access is granted only to those who have such needs. All such individuals have signed confidentiality agreements and are continually made aware of their obligations regarding user information. Access is controlled via pre-assigned user accounts that require multiple levels of authentication. All staff members are periodically trained regarding security protection of their personal workstations
The facilities that house our servers, network devices, backup data storage media, and other equipment and information are physically secured and attended. Access is strictly limited to only those individuals who require it for a legitimate purpose.
We continuously evolve and update our internal information security policies and our business continuity and disaster recovery plans. We perform risk assessment, security audit, and system-test activities on an ongoing basis. Our employees and contractors receive frequent training and/or reminders regarding information security and protecting the confidentiality of your information.
We are committed to meet or exceed regulatory and industry self-regulatory guidelines regarding privacy, confidentiality, and information
security. On an ongoing basis, we will review and adapt to statutes, regulations, formal private-sector standards, and informal policy guidelines as they apply. In particular, we will comply with all applicable provisions of the Health Insurance Portability and Accountability Act (HIPPA) rules for information security as those take effect.
