HIPAA Compliant Hosting | Affordable Prices & 24/7 Support
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 was enacted by Congress and signed by President Bill Clinton in 1996. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans and employers.
What does it mean to be a HIPAA-compliant host?
HIPAA certification means the host follows the standards set by the Health Insurance Portability and Accountability Act. Any company that handles protected health information must ensure that all aspects of its operations – from the physical network to the software that runs on it – are secure. When medical providers host their data and applications, the data center also must be in compliance with HIPAA regulations.
With its HIPAA certification, GalaxyVisions must have certain administrative, physical and technical safeguards in place, according to the U.S. Department of Health and Human Services. Examples of safeguards include:
- Physical barriers to limit facility access and control.
- Technical barriers that allow only authorized personnel to access electronic health data. Access control includes using unique user IDs, an emergency access procedure, automatic logoff, and encryption and decryption.
- Tracking logs that keep records of activities in both hardware and software. This helps pinpoint the source or cause of any security violations.
- Technical policies that include integrity controls, or measures to confirm that electronic patient health records haven’t been altered or destroyed.
- Transmission security to protect against unauthorized public access of patient records. This concerns all methods of transmitting data, whether it be email, Internet, or even over a private network.
Who handled GalaxyVisions’ HIPAA compliance review?
The review was handled by IS Partners, an independent auditing firm that has handled more than 800 SAS 70, SSAE 16 and SOC audits, internal control readiness assessments, trust service audits, HIPAA assessments, and information technology audits. The firm, which is based in Horsham, Pa., serves clients in all major service industries throughout the United States, Canada, United Kingdom, Central America, India, Pakistan and the Caribbean Islands. The firm’s SSAE 16 audit teams are composed of experts in the areas of accounting, information technology, internal controls, and business process auditing.
The GalaxyVisions certification involved:
- Completing a risk-based assessment
- Securing PHI, per guidelines
- Addressing contracts and processes
- Planning for breach detection
- Planning for breach response
What is HIPAA HITECH?
The Health Information Technology for Economic and Clinical Health (HITECH) Act, which took effect in February 2010, extends the Health Insurance Portability and Accountability Act’s (HIPAA) rules for security and privacy safeguards, including increased enforcement, penalties and audits. It was passed after surveys showed that many HIPAA compliance programs were deficient in the areas of privacy and security, including inadequate program testing and failure to update the programs.
Where can I find out more about electronic health records?
Visit the Department of Health and Human Services’ informative website: http://www.hhs.gov/ocr/privacy/.
GalaxyVisions is the perfect prescription for all your medical hosting needs. With fast and secure connections and second-to-none customer service, health care providers are finding GalaxyVisions to be the go-to host of choice for their HIPAA-compliant hosting needs.