healthcare technology
HIPAA Compliance as a Service
Complete HIPAA compliance packages for every health care provider. Finally a solution that eliminates the high risk of trying to protect yourself. We understand doctors should only know their practice and not handling their own technology needs as well. Our subscription based solution will instantly make your current office HIPAA compliant.
A Virtual Secure Desktop (VSD) reduces upfront costs of securing your own office networks, allowing your patient records and software to remain secure and safe at an affordable price.
Each user also receives a HIPAA Compliant Email with your own domain name. (Ex: [email protected])
Starting at $95 a month per user
Who needs to Be HIPAA compliant?
The short answer is: if your application handles protected health information (PHI) then you need to be HIPAA compliant. If you do not, then you are subject to potential civil and criminal penalties as a result of HIPAA violations. The HIPAA rules apply to both Covered Entities and their Business Associates.
Covered entities are anyone who provides treatment, payment and operations in healthcare. Covered entities include companies and organizations such as: doctor's offices, dental offices, clinics, psychologists, health plans, insurance companies, HMOs and more. It other words, health privacy protections depend on who has the information and not on the nature of the information.
Which Health Care Entities Must Comply With HIPAA?
HIPAA doesn’t apply to every health record keeper or to every health record. Only covered entities must comply with HIPAA. Get used to the term covered entity because it comes up a lot. HIPAA recognizes and regulates three types of covered entities.
This is a complicated area, and this is one of the longest FAQs in this guide. There are lots of types of entities, some covered by HIPAA, some partly covered, and some not at all.
HIPAA generally covers medical information maintained by or for a covered entity. HIPAA generally does NOT cover medical information held by those who are not covered entities. This is an especially important point that many people in the health care world do not understand clearly. Health information that is protected when held by a covered entity (like a medical record held by a hospital) may have no privacy protections when the information is held by a someone who is not a covered entity. In other words, health privacy protections depend on who has the information and not on the nature of the information.
1) Health care clearinghouses
Health care clearinghouses transmit information (typically claims and billing information) between other players in the health care system. For example, a hospital may send the bill for your treatment to a health care clearinghouse that will reformat and submit the information to your insurance company. Clearinghouses are of no interest to the average patient because their function is usually invisible. Patients rarely, if ever, come into contact with them. But clearinghouses have the same obligations as other covered entities, and that is important if you do have an issue with a clearinghouse. Otherwise, don’t worry about clearinghouses. We won’t mention them again.
2) Health plans
Health plans are covered entities. Health insurers, health maintenance organizations (HMOs), and Medicare are examples of health plans subject to HIPAA. So are plans for uniformed service members. Nearly all health plans are covered entities, but some small group health plans (fewer than 50 participants) may not be covered entities. We use health plan and insurer interchangeably here.
3) Health care providers
Health care providers are covered entities, at least most are. Generally, a health care provider is a doctor, hospital, dentist, podiatrist, pharmacist, laboratory, optometrist, and just about anyone else licensed to provide health care. The formal legal definition of health care provider is so complex that it makes lawyers wince.
Complete HIPAA compliance packages for every health care provider. Finally a solution that eliminates the high risk of trying to protect yourself. We understand doctors should only know their practice and not handling their own technology needs as well. Our subscription based solution will instantly make your current office HIPAA compliant.
A Virtual Secure Desktop (VSD) reduces upfront costs of securing your own office networks, allowing your patient records and software to remain secure and safe at an affordable price.
Each user also receives a HIPAA Compliant Email with your own domain name. (Ex: [email protected])
Starting at $95 a month per user
Who needs to Be HIPAA compliant?
The short answer is: if your application handles protected health information (PHI) then you need to be HIPAA compliant. If you do not, then you are subject to potential civil and criminal penalties as a result of HIPAA violations. The HIPAA rules apply to both Covered Entities and their Business Associates.
Covered entities are anyone who provides treatment, payment and operations in healthcare. Covered entities include companies and organizations such as: doctor's offices, dental offices, clinics, psychologists, health plans, insurance companies, HMOs and more. It other words, health privacy protections depend on who has the information and not on the nature of the information.
Which Health Care Entities Must Comply With HIPAA?
HIPAA doesn’t apply to every health record keeper or to every health record. Only covered entities must comply with HIPAA. Get used to the term covered entity because it comes up a lot. HIPAA recognizes and regulates three types of covered entities.
This is a complicated area, and this is one of the longest FAQs in this guide. There are lots of types of entities, some covered by HIPAA, some partly covered, and some not at all.
HIPAA generally covers medical information maintained by or for a covered entity. HIPAA generally does NOT cover medical information held by those who are not covered entities. This is an especially important point that many people in the health care world do not understand clearly. Health information that is protected when held by a covered entity (like a medical record held by a hospital) may have no privacy protections when the information is held by a someone who is not a covered entity. In other words, health privacy protections depend on who has the information and not on the nature of the information.
1) Health care clearinghouses
Health care clearinghouses transmit information (typically claims and billing information) between other players in the health care system. For example, a hospital may send the bill for your treatment to a health care clearinghouse that will reformat and submit the information to your insurance company. Clearinghouses are of no interest to the average patient because their function is usually invisible. Patients rarely, if ever, come into contact with them. But clearinghouses have the same obligations as other covered entities, and that is important if you do have an issue with a clearinghouse. Otherwise, don’t worry about clearinghouses. We won’t mention them again.
2) Health plans
Health plans are covered entities. Health insurers, health maintenance organizations (HMOs), and Medicare are examples of health plans subject to HIPAA. So are plans for uniformed service members. Nearly all health plans are covered entities, but some small group health plans (fewer than 50 participants) may not be covered entities. We use health plan and insurer interchangeably here.
3) Health care providers
Health care providers are covered entities, at least most are. Generally, a health care provider is a doctor, hospital, dentist, podiatrist, pharmacist, laboratory, optometrist, and just about anyone else licensed to provide health care. The formal legal definition of health care provider is so complex that it makes lawyers wince.
