HIPAA Compliance

Accountability Act of 1996 (HIPAA)

As part of our strong commitment to HIPAA compliance and to prevent violations of the health information privacy laws, we have designed a formal HIPAA Compliance Program.

A privacy and security officer has been appointed who is responsible for implementing, monitoring, and maintaining the program.

The company is committed to maintaining compliance by attending continuing educational events, which are ongoing as additional policies and procedures are developed.

The company will monitor compliance through periodic audits as well as other methods of monitoring.

Administrative Safeguard Physical Safeguard Technical Safeguard

Administrative Safeguard

Administrative safeguards play a critical role in ensuring the overall security posture of an organization by focusing on governance, risk management, and compliance strategies.

Security Management Process
Assigned Security Personal
Information Access Management
Workspace Training & Management
Evaluation

Physical Safeguard

Physical safeguards are crucial measures put in place to protect physical assets, facilities, and resources from unauthorized access, damage, theft, or harm.

Facility Access Controls
Workstation Security
Device and Media Controls
Data Backup and Storage
Disposal of ePHI

Technical Safeguard

Our Technical safeguards are implemented through various technological measures and controls designed to secure systems and networks.

Access Controls
Audit Controls
Integrity Controls
Transmission Security
Malware Protection
Contingency Planning
Risk Assessment

HIPAA standards

We understand that medical billing companies deal with patient information regularly since they receive healthcare claims that reveal the name of the patient and the services that were rendered to him. Consequently, our employees who work the inbound claims must adhere to HIPAA standards, or else they can be charged with breaking HIPAA law.

This means that employees shall not discuss patient information with others outside of work or disclose their information wrongly. We have a policy of upgrading HIPAA confidentiality rules into our operating policies and procedures as a safeguard to ensure that staff understands the significance of the federal requirement

Secure Patient data

Analytica takes extreme measures to secure patient data. Here are our organizational compliance settings. The company has built a firewall that cannot be penetrated. We do this by utilizing secure FTP to transfer documents and encrypt emails prior to sending and receiving information from our clients.

A confidentiality and non-disclosure agreement as well as a HIPAA compliance document must be signed by each and every employee of the company prior to joining the company. In the agreement, there is always a clause that prevents the employee from disclosing, publishing, or accessing patient information in any unauthorized way.

At the office premise where all services are managed, most employees must have secure card access to the building. This restricts the entry of unauthorized personnel. Prior to exchanging documents, a secure connection is established using VPN tunnels or secure cloud storage is being used with limited access to users.