|
HERAE Complies with HIPAA Standards
The Health Insurance
Portability and Accountability Act (HIPAA) is having
a profound impact on the healthcare industry. HIPAA
mandates the establishment of standards governing the
security and privacy of individually-identifiable health
information that is electronically transmitted or maintained
by providers, payers and clearinghouses. In addition,
the Administrative Simplification provision of HIPAA
mandates the creation of standards for certain healthcare
transactions between covered entities, as well as the
adoption of standard code sets and national identifiers
for employers, health plans and providers.
 On January 7 of 2008, HERAE received full accreditation with The Electronic Healthcare Network Accreditation Commission (EHNAC). This independent, not-for-profit agency provides peer evaluation of an organization's ability to perform at industry-established levels. This is a significant achievement reinforcing HERAE's HIPAA compliance.
HERAE
complies with relevant HIPAA regulations. Moreover,
we are prepared to help you on your course towards HIPAA
compliance on these fronts:
Transaction Standards
HERAE supports the ANSI X12 transaction standards mandated by HIPAA. In addition, HERAE is a clearinghouse as defined by HIPAA and as such can also accept non-compliant formats from payers and send non-compliant formats to providers due to our translation capabilities.
Privacy
HERAE
complies with the HIPAA Privacy regulations as they
relate to clearinghouses and business associates. For
example, we have designated a privacy officer, and all
employees and agents sign a HIPAA Confidentiality Statement
stating that they understand the importance of ensuring
the confidentiality of protected health information.
Security
HERAE's security
is multi-faceted: From a physical perspective, the data
center includes continuous video surveillance, security
breach alarms, and 24/7 on-premises security officers.
To learn more about HERAE security, go to our security
page.
HERAE's
network includes a tightly constrained firewall that prevents
all but two types of requests from reaching the web
application servers. It also prevents all outside traffic
from reaching the database servers. Furthermore, each
user account is password protected; HERAE automatically
logs out the user after a pre-determined period of inactivity;
and HERAE automatically disables logins after a
fixed number of consecutive failed attempts.
Provider
Compliance
HERAE
works closely with provider office staff during the
implementation of HERAE software. We suggest password best practices
and provide configuration services to assist physician
offices comply with HIPAA as it relates to their use
of HERAE.
We'll Stay Current and Help You to Do So
HERAE
reviews its policies and procedures on an ongoing basis,
so our practices are subject to change. HERAE will continue to adjust its practices as laws
and regulations in this newly legislated field are modified,
clarified and re-interpreted. We will communicate any
changes in our position to payers and providers, and help you to understand how changes may affect you as well.
|
