What is HIPAA?
HIPAA is an abbreviation for the Health Insurance Portability and Accountability Act of 1996, a federal law that regulates the transfer and use of medical data in order to protect the security and privacy of personal information. In recent times, as the growing number of cyberattacks has increased the risk of health data breaches, many health providers and insurers have had to increase their awareness of and compliance with this legislation.
HIPAA protects the rights of patients by enforcing the limits and rules within which medical information can be obtained, shared, and accessed. It also requires that all data be handled securely (especially in electronic form) to protect it from prying eyes and malicious uses.
HIPAA was adopted by the United States Congress in August 1996 and signed into law by President Bill Clinton. It aims to achieve the following:

- Mandate industry-wide health standards for e-invoicing and other processes involving personal data;
- Provide the possibility of transferring and continuing health insurance coverage for countless US employees and their families when they lose or change their jobs;
- Require privacy and protection when working with sensitive personal information about a patient’s health;
- Establish guidelines to define the responsibilities of entities covered by the law and their business associates, and enforce severe penalties of up to $1.5 million per incident in case of compliance violations as well as HIPAA privacy and security breaches;
- Fight against abuse, waste, and fraud in the health care system when personal information is used for medical purposes.

HIPAA is divided into five titles:
Title 1: Health Insurance Portability
This title addresses the ability to retain health insurance opportunities. It protects people who lose or change jobs, prohibits insurers from setting lifetime coverage limits, and mandates all group health plans to provide coverage to all individuals regardless of pre-existing conditions and diseases.
Title 2: Protection and Confidential Handling of Health Information
This title outlines privacy regulations that require health care organizations and suppliers, as well as their business service providers, to strictly follow procedures that guarantee the security and confidentiality of private health information when it is shared, sent, received, or used.
Title 2 applies to all forms of PHI (Personal Health Information), including verbal communication, physical documents, and electronic forms of communication such as Electronic Health Records (EHRs). It is important to note that in this case, the only user information that should be shared is that which is required for business purposes. The HIPAA Standards for Privacy Rule set the first national standard in the U.S. to safeguard patients’ PHI and private information.
Adhering to Title 2 of HIPAA is what is often referred to as “being HIPAA compliant”. In fact, in order to avoid facing civil monetary penalties for HIPAA compliance violations, every health care organization, provider or supplier must adhere to the following requirements:
- Follow a standardized procedure for electronic data interchange (EDI) every time an insurance claim is submitted or processed.
- Possess a unique 10-digit national provider identifier number (National Provider Identifier or NPI).
- Ensure that all sensitive medical and patient data is properly encrypted, handled, and safeguarded at all times to guarantee privacy and security.
Title 3: Tax-Related Health Provisions
Title 3 is a set of guidelines for pre-tax medical savings accounts that determine how much may be saved per person. Under HIPAA, both self-employed professionals and employees covered by employer-sponsored insurance plans may access medical savings accounts. The law also provides for deductions for medical insurance and other tax-related provisions, together with other modifications of the health insurance law.
Title 4: Application and Enforcement of Group Health Plan Requirements
Title 4 adds further changes to the health insurance reform, specifying eligibility for people with pre-existing conditions and patients requiring continued coverage. It also includes a clarification of the Consolidated Omnibus Budget Reconciliation Act (COBRA).
Title 5: Revenue offset governing tax deductions for employers
Title 5 of HIPAA encompasses the following:
- Provisions for company-owned life insurance, such as forbidding company endowments, company-related contracts, and the tax deduction of interest on life insurance loans.
- Repeal of the financial institution rule to interest allocation rules.
- Provisions for the treatment of people who lost or gave up citizenship in the United States for income tax purposes. The title also allows the expatriation tax to be applied to those who gave up their US citizenship for tax reasons.