Lightsaver solution fully HIPAA compliant

The Health Insurance Portability and Accountability Act (HIPAA) in the USA states that health care professionals are required by law to back up their files and store them, encrypted, so they can be recovered in the event of a fire, natural disaster, or other catastrophe.

HIPAA requires healthcare providers and their business associates to handle medical records (called Protected Health Information or PHI) in ways that protect the privacy of patients while ensuring the integrity of their records.

Doctor's offices and other healthcare providers are required by law to protect their electronic records in several ways:

  • Make sure that only authorized people can access them;
  • Verify the identity of anyone requesting access;
  • Make sure the records are not improperly altered or destroyed;
  • Verify that the records have not been altered or destroyed in an unauthorized manner;
  • Be able to recover copies of records in the event of fire, natural disasters, or other catastrophe;
  • Back up electronic records;
  • Establish a Disaster Recovery Plan.

Penalties for failure to comply with HIPAA can be stiff. Wrongful disclosure of PHI can cost a healthcare provider $50,000 and imprisonment for up to a year. Additional penalties for more serious violations can amount to $250,000 and imprisonment for up to ten years.

Who must comply with HIPAA?

  • Doctors, dentists, optometrists, and any healthcare provider who keeps medical records (Protected Health Information or PHI);
  • Health Plans;
  • Healthcare clearing houses;
  • Medical billing companies;
  • Insurance companies;
  • Any associate of a healthcare provider who has access to unencrypted PHI.

There is no official certification for software used to help comply with HIPAA or for online backup service providers. The Act does not specify any type of software. It only specifies procedures and methods used to achieve compliance. Pronetsys is fully compliant with all HIPAA requirements in sections 164.308(a)(7)(i), 164.308(a)(7)(ii), 164.312(a)(1), 164.312(d), 164.312(c)(1), and 164.312(c)(2).

Online Backup Service Providers are not "covered entities" or "associates" as defined by HIPAA, and thus are not required to comply with HIPAA.

Pronetsys does not offer legal advice. Contact a lawyer or refer to the U.S. Department of Human Services' website at http://www.hhs.gov/ocr/privacy/
