|HIPAA Compliance Statement
Because we are neither a payer, nor provider of healthcare services, and because we are engaged as the personal representative of our clients, MedeFile International is not affected or legally constrained under the Health Insurance Portability and Accountability Act (HIPAA).
However, MedeFile has voluntarily decided to remain in strict HIPAA compliance at all times.
We at MedeFile International realize that our clients expect us to comply with all aspects of confidentiality of patient data. We require access to sensitive data that may be associated with insurance claims, and ongoing patient care, including both patient and provider information. As such, MedeFile International has taken steps to ensure its compliance with both the Gramm-Leach-Bliley Act and HIPAA requirements.
Our key aspects to our existing policies include, but are not limited to, the following:
- All MedeFile International employees are required to sign a confidentiality agreement with MedeFile International. These agreements provide MedeFile International the right to terminate employment, if the confidentiality breach is deemed to be significant, harmful or damaging to MedeFile International, its clients, or their providers. These confidentiality agreements also provide sanctions for employees as recommended by HIPAA.
- All patient and provider specific information that we receive or generate as a result of delivering our services is treated as confidential, and it is not disclosed to those who do not have a need to view it in relation to the services we deliver to our clients. The electronic data is stored on secure computer servers, which require a unique user name and password to access such data.
- All patient and provider information that exists in printed format is contained within designated working spaces. Information that requires mailing is secured in a sealed envelope prior to leaving MedeFile International's premises. Alternatively, it may be faxed to a designated party, including the patient's providers, but only as directed by the member.
- All MedeFile International Client and Vendor agreements include a Business Associate Addendum. The incorporation of this Addendum ensures that all parties involved in the use and/or disclosure of protected health information to be in compliance and that they will remain in compliance with current HIPAA Regulations. The Addendum also outlines the procedures the parties must follow, with regard to protected health information, upon termination of their Agreements.