HIPAA Compliance


3152

The Health Insurance Portability and Accountability Act demands that all HIPAA covered businesses prevent unauthorized access to “Protected Health Information” or PHI. PHI includes patients’ names, addresses, and all information pertaining to the patients’ health and payment records. According to the Department of Health and Human Services, “HIPAA Rules apply to covered entities and business associates.” Complete compliance with HIPAA guidelines requires implementation of basic and advanced security measures. Basic security includes benchmark-based password creation and use, personnel education and training, limited access to PHI, data encryption, use of firewalls, antivirus software, and digital signatures. With increasing adoption of electronic medical records and cloud-based software-as-service (SaaS), advanced security measures are necessary.
Arnav Revenue Management follows HIPPA. We are totally committed to protecting your business and your patient’s private data. We comply with all US Federal, State and local laws. We have the following safeguards in place to ensure zero breach.

Data Security

1. High security firewalls ensure our networks are secure and reliable.
2. Backup data and communication between our sites and our client sites are encrypted.
3. Access to the Internet is monitored and restricted to essential web sites.
4. Only authorized personnel are granted access to systems containing client data.

Physical security

1. Round-the-clock web surveillance and security guards at the entry and exit points of our office ensure that our infrastructure is secure.
2. Access control systems are installed; ensuring only authorized personnel can enter the workstation areas.
3. Our computer systems are password protected with regular updates on Firewall and anti-virus software.
4. All portable disk drives are prohibited on user workstations.
5. Data printing on paper is prohibited, if any data need to be printed then after use the material is shredded and carefully disposed.

HIPAA Training

1. All employees are trained on HIPAA guidelines before handling client data.

Confidentiality Agreement

1. Each employee signs a confidentiality agreement to ensure the security of the client data.