Privacy & Security Safeguards

 

Shared Health® has implemented appropriate industry-standard privacy and security safeguards, including:

 

• Defined Clinician Authorization
• Identification of Parties Receiving Protected Health Information (PHI)
• Assignment of Unique User IDs and Passwords (Authentication Safeguard)
• Industry Benchmark Security Encryption
• Audit Trail Capabilities
• Role-Based Access Controls
• Physical Safeguards in Data Center (access control, environmental control, emergency power, disaster recovery plan)
• Other Security Safeguards (workforce clearance and termination procedures, virus protection, data backup, device and media controls)

 

Shared Health meets the definition of a health care clearinghouse under HIPAA (The Health Insurance Portability and Accountability Act of 1996), which means Shared Health is a covered entity directly regulated by HIPAA and must comply with the privacy requirements.

 

Many times, Shared Health will be a business associate as well as a covered entity under HIPAA. As a covered entity or business associate under HIPAA, Shared Health is allowed to use and disclose PHI for treatment, payment, and health care operations without an authorization from the individual.

 

Learn more about HIPAA