Security Policy – Futuristic Solutions

Our Security Policy

HIPAA Policy

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a significant healthcare reform law that passed Congress in 1996. The law has its roots in the Clinton Health Reform proposal, and its primary purpose was to provide better access to health insurance as well as to toughen the law concerning healthcare billing fraud. There are other corollary sections of the law related to administrative simplification and privacy of protected health information that have far-reaching effects for Providers, Payers, Managed Care Organizations, their business associates, and any esntity storing, processing, and transmitting healthcare information.

HIPAA amends the Internal Revenue Code of 1986 by :

› Improving portability and continuity of health insurance coverage in group and individual markets
› Combating waste, fraud and abuse in health insurance and healthcare delivery
› Promoting the use of medical savings accounts
› Improving access to long-term care services and coverage
› Simplifying the administration of health insurance

In addition, the Act includes provisions for improving and monitoring the security and confidentiality of any records containing health plan member and patient information. In 1998, the Department of Health and Human Services (HHS) proposed, as part of these HIPAA provisions, a Nation Standard Provider Identifier (NPI), a National Standard Employer Identifier and security standards for electronic health data.

The Administrative Simplification rules of HIPAA are intended to improve efficiency in healthcare delivery through standardized, electronic transmission of many administrative and financial transactions as well as protection of confidential health information.

Our HR department conducts extensive background checks on all new employees prior to our “employee confirmation process.” Once confirmed, employees can access our system only with valid logons and passwords. Furthermore, access to sensitive information is on a “need to know basis” and we constantly keep watch to prevent any of our clients’ data from being accessed except by authorized employees. In addition, all our employees receive confidentiality training (as required by HIPAA) and must sign confidentiality agreements.