Because we are neither a payer, nor provider of healthcare services, and because
we are engaged as the personal representative of our clients, MedeFile International
is not affected or legally constrained under the Health Insurance Portability and
Accountability Act (HIPAA).
However, MedeFile has voluntarily decided to remain
in strict HIPAA compliance at all times.
We at MedeFile International realize that our clients expect us to comply with all
aspects of confidentiality of patient data. We require access to sensitive data
that may be associated with insurance claims, and ongoing patient care, including
both patient and provider information. As such, MedeFile International has taken
steps to ensure its compliance with both the Gramm-Leach-Bliley Act and HIPAA requirements.
Our key aspects to our existing policies include, but are not limited to, the following:
- MedeFile International employees are required to sign a confidentiality agreement
with MedeFile International. These agreements provide MedeFile International the
right to terminate employment, if the confidentiality breach is deemed to be significant,
harmful or damaging to MedeFile International, its clients, or their providers.
These confidentiality agreements also provide sanctions for employees as recommended
by HIPAA.
- All patient and provider specific information that we receive or generate as a result
of delivering our services is treated as confidential, and it is not disclosed to
those who do not have a need to view it in relation to the services we deliver to
our clients. The electronic data is stored on secure computer servers, which require
a unique user name and password to access such data.
- All patient and provider information that exists in printed format is contained
within designated working spaces. Information that requires mailing is secured in
a sealed envelope prior to leaving MedeFile International's premises. Alternatively,
it may be faxed to a designated party, including the patient's providers, but only
as directed by the member.
- All MedeFile International Client and Vendor agreements include a Business Associate
Addendum. The incorporation of this Addendum ensures that all parties involved in
the use and/or disclosure of protected health information to be in compliance and
that they will remain in compliance with current HIPAA Regulations. The Addendum
also outlines the procedures the parties must follow, with regard to protected health
information, upon termination of their Agreements.
|