We are HIPAA Complaint

In this digital world, data flows easily and invisibly, and as cybercrime increases, it is becoming harder to reassure that our data will be safe with anyone, particularly for healthcare organizations.

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law issued by the US Department of Health and Human Services. According to the law, sensitive patient health information will be protected and will not be disclosed without the patient’s consent or knowledge.

What is the purpose of HIPAA?

  • To provide continuous health insurance coverage for workers who lose or change their job
  • To reduce the cost of healthcare by standardizing the electronic transmission of administrative and financial transactions
  • Combating abuse, fraud and waste in health insurance and healthcare delivery
  • Improving access to long-term care services and health insurance

What information is protected under HIPAA?

Patient Health Information (PHI) or Patient Health Record (PHR) held in any form, including digital, paper, or oral will be protected under HIPAA and HIPAA Privacy Rule guarantees patients the right to receive their own PHI, upon request, from healthcare providers covered by HIPAA.

  • PHI includes but is not limited to the following
  • a patient’s name, address, birth date, Social Security number, biometric identifiers or other personally identifiable information (PII);
  • an individual’s past, present or future physical or mental health condition;
  • any care provided to an individual; and
  • information concerning the past, present or future payment for the care provided to the individual that identifies the patient or information for which there is a reasonable basis to believe could be used to identify the patient.

What are HIPAA-covered entities?

A HIPAA-covered entity is any organization or corporation that directly handles Patient Health Information (PHI) or Records (PHR). Covered entities are required to comply with HIPAA for protection of PHI or PHR.

Covered entities fall into 3 categories:

  • Healthcare provider. Healthcare providers include doctors, clinics, psychologists, dentists, chiropractors, nursing homes and pharmacies.
  • Health plan. Health plans include health insurance companies, health maintenance organizations (HMOs), company health plans and government healthcare programs, such as Medicare, Medicaid and military healthcare programs.
  • Healthcare clearinghouse. Healthcare clearinghouses are entities that process nonstandard health information they receive from another entity into a standard format or vice versa. Examples include billing services and community healthcare systems for managing health data.

Acarin is HIPAA Compliant

Acarin products and services are fully compliant with HIPAA (USA). All data traffic and data-at-rest is encrypted and secure. Patient Health Information (PHI) is safeguarded at all times. Within the platform, all data is kept secure through user-defined restricted privileges. And all records are encrypted and protected from unauthorized access via secure, embedded login credentials.