Privacy Policy |
|
What is HIPAA? In 1996, Congress enacted the Health Insurance Portability and Accountability Act (HIPAA), one purpose of which is to protect health information by establishing transaction standards for the exchange of health information, security standards, and privacy standards for the use and disclosure of individually identifiable health information. HIPAA applies to health care providers and employer group health plans. Axial Exchange is a business associate under the HIPAA requirements, as we handle protected health information ("PHI") while providing services to health care providers and group health plans. As such, Axial Exchange uses appropriate safeguards to prevent use or disclosure of PHI except as permitted by HIPAA. Axial Exchange requires all employees and contractors to abide by its HIPAA-compliant policies. HIPAA Requirements 1. Minimum NecessaryAxial Exchange makes every effort to ensure that it uses, discloses, or requests only the minimum necessary information. We have created policies and procedures that limit the protected health information disclosed. To ensure that only the minimum necessary PHI is used or disclosed, we define role-based access to PHI to ensure that the right people are handling PHI in the appropriate way. 2. Administrative Requirements Axial Exchange has designated a Compliance Officer, who is responsible for compliance with the administrative requirements of HIPAA, including:
Axial Exchange is required to apply the security standards to all health information pertaining to an individual that is electronically maintained or transmitted. Axial Exchange has assigned responsibility for security to a Security Officer, who is responsible for:
|