As a provider of services to the U.S. healthcare industry, CONCORDE
is fully committed to compliance with the requirements of the Health
Insurance Portability and Accountability Act of 1996 (HIPAA). These
requirements pertain to the security and confidentiality of Protected
Health Information. As a business associate of entities covered under
HIPAA, CONCORDE has introduced detailed procedures and systems to ensure
that Protected Health Information (PHI) is used and disclosed in accordance
with HIPAA rules and regulations.
The procedures and systems introduced include electronic access control
systems
to control physical access to PHI, firewall security systems, encryption
of all files that are sent through internet, power-on passwords, network
passwords, password-protected screensavers, confidentiality agreement
with each employee having access to PHI, etc.
CONCORDE
does not release any record directly to a patient. It is the responsibility
of the healthcare provider to control patient’s access to PHI
and to manage disclosures as per HIPAA requirements.
|
