MEDICAL BILLING : HIPAA

 

Your data is safe with us. Unlike many BPO service providers, iTech is 100% US owned and operated This means we are not only bound by the privacy expectations of our clients, but are held legally accountable by the United States government for privacy violations as outlined by the Health Insurance Portability and Accountability Act(HIPAA). iTech enforces strong security protocols and ensures HIPAA compliance through extensive in-house training and a zero tolerance policy.


Electronic processing and transfer of data via multiplexer/router/modem is encrypted and password protected to ensure privacy and confidentiality. Dedicated leased lines and firewalls ensure the security of all data. Records are kept secure and all appropriate laws are observed for handling the release of information.

 

Additionally:

  • We employ 24 hour Private Security Personnel.
  • No work leaves our offices and the use of use sub-contractors is prohibited except by client request and/or permission.
  • All external drives including floppy disk drives are disabled on every computer.
  • Personnel are prohibited from bringing floppy disks, CD’s, mass-storage devices, cameras, laptops, PDA’s, and cellular phones onto the premises.
  • Personnel are prohibited from bringing in or leaving with any paper and/or any written documents.
  • All employees are checked upon entering and leaving the premises.
  • Random checks take place at scheduled and unscheduled intervals.
  • All computers require user specific passwords to use.
  • Firewalls and antivirus software are installed on all the computers. Virus definitions are updated daily.
  • Hard copies of notes, copies containing patient information including documents schedules are shredded on site.
  • Smoke alarms and fire extinguishers are conveniently placed throughout our offices. 
  • All employees are required to sign confidentiality and non-disclosure agreements.
  • Up-to-date contractual agreements with all business parties are maintained on-site.
  • 128 bit encryption for all transferred files.
  • iTech BPO has administrative procedures in place to guard data integrity, patient confidentiality, and document availability. (Information Access Control and Access Authorization).
  • Technical evaluations are performed by a third party on an annual basis to ensure all systems meet or exceed security requirements as specified by HIPAA.
  • All persons, administrators and employees, who have access to any sensitive information, patient records, or voice files, etc., have the appropriate clearances and have signed confidentiality agreements.
  • All employees are trained on privacy, security, and confidentiality as they pertain to HIPAA by an onsite compliance officer.

 

For more information on our HIPAA practice and compliance program please email:
HIPAA@iTechBPO.com