HIPAA

HIPAA (Health Insurance Portability and Accountability Act) was signed into law on August 21, 1996 by former President Bill Clinton. It is also known as Public Law 104-191. This law was intended to provide insurance portability, to improve the effectiveness of health care by regulating the exchange of administrative and financial data, and to protect the privacy, confidentiality and security of health care information. This federal law is the single most significant legislation affecting the health care industry since the creation of the Medicare and Medicaid programs in 1965. In short, HIPAA impacts all aspects of the health care industry.

Failure to comply with HIPAA could result in severe administrative, criminal and civil penalties. The penalties for not meeting the compliance targets begin with being forced to provide a hastily developed compliance plan, most likely at greater than expected expense. Civil penalties include fines up to $25,000 for multiple violations of the same transaction standard in a calendar year. Criminal penalties start at $50,000 and one year in prison and go up to $250,000 and 10 years in prison for obtaining and disclosing protected health information.

STOS is committed to providing practice management software and services in accordance with all applicable laws, including but not limited to HIPAA.

STOS HIPAA Compliance Procedures

As part of our continued effort and commitment to providing health information privacy compliance, we have developed the following compliance program.

STOS has defined the responsibilities of each individual in an office team and has the ability to certify individuals in our HIPAA education program.

STOS will monitor compliance on a regular basis, will keep track of the HIPAA changes, and will provide all necessary education to employees when and where it is required.

STOS has established an awareness evaluation program that uses periodic audits and other similar practices.

STOS will continue to implement a combination of administrative and technical safeguards to protect the security of confidential health information.

STOS has already implemented safeguards such as encryption of all transmitted data and storage, session timeouts, and much more.

STOS has taken measures to ensure that the privacy of health information and data centers is physically safeguarded. All data is constantly replicated on redundant servers. Data backups are included in our routine procedures.