At SGRX, we are aggressively committed to HIPAA compliance for the security and privacy of patients. Patient privacy is our utmost concern to us. We have integrated the HIPAA initiative in to all operational business units within SGRX.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the catalyst for manypositive changes in the health care industry. Subtitle F of HIPAA, Administrative Simplification states its intent to improve ". . . the efficiency and effectiveness of the health care system, by encouraging the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information."
As a Business Associate to Providers, Health Plans and other "Covered Entities," SGRX has made HIPAA a top priority and is meeting all goals for HIPAA readiness. Please read our HIPAA Business Associate Provisions to learn more about the ways SGRX is dedicated in safeguarding protected health information (PHI).
As a Business Associate to Providers, Health Plans and other "Covered Entities," SGRX has made HIPAA a top priority and is meeting all goals for HIPAA readiness. Please read our HIPAA Business Associate Provisions to learn more about the ways SGRX is dedicated in safeguarding protected health information (PHI).
1) SGRX will use or disclose PHI only as necessary to perform the services required by this Agreement and will not otherwise use or disclose PHI except as required by law. "Required by law" shall have the meaning ascribed to it in 45 C.F.R. 164.501, as that regulation may be amended from time to time.
2) SGRX will maintain appropriate safeguards to prevent use or disclosure of PHI that is not permitted under this Agreement.
3) SGRX will report to Client any use or disclosure of PHI in violation of this Agreement within [ten (10) working days] of the date on which it becomes aware of such violation.
4) To the extent feasible, SGRX will report to Client any requests for use or disclosure of PHI with which SGRX believes it is required by law to comply so that Client has a reasonable opportunity, prior to the use or disclosure, to evaluate the legal authority on which the request is based. Where prior notification is not feasible, SGRX will inform Client promptly following any use or disclosure which it determines is required by law.
5) SGRX will require that any agents, including subcontractors, to whom it provides PHI received from or received or created on behalf of Client agree in writing to the same restrictions and conditions that apply to SGRX with respect to such PHI. Upon request, SGRX will make available to Client, PHI required to provide access pursuant to 45 C.F.R. 164.524, as that regulation may be amended from time to time.
6) SGRX will document uses and disclosures of PHI necessary to satisfy the requirements of an accounting pursuant to 45 C.F.R. 164.528, as that regulation may be amended from time to time.
7) Upon request, SGRX will make available the information required by Client to provide such an accounting. SGRX will make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or received on behalf of Client, available to the Secretary of the United States Department of Health and Human Services for purposes of determining Client's compliance with Subpart E of 45 C.F.R. Part 164.
8) Upon termination of this Agreement, SGRX will return to Client all PHI, in any form, received from, or received or created on behalf of, Client, and will retain no copies of such PHI. If you would like more information on SGRX HIPAA compliance efforts, please contact us at (877) 794-3576
SGRX is well aware of the HIPAA regulations and their far-reaching affects on the Health Care industry. Since HIPAA greatly affects the use of technology and the electronic management of patient information, it is imperative that we understand the implications of the regulation as well as the various means of compliance. SGRX leverages its state-of-the-art technology to overcome the technical obstacles that are created by HIPAA. SGRX is constantly gathering information and staying educated on all facets of the new and changing HIPAA requirements. Although HIPAA does not currently affect the workers' compensation Industry, to a large degree, we are anticipating that this may someday change. Be confident that SGRX is anticipating these potential changes and will be well-prepared far in advance of their implementation.
Amendments to final medical privacy rules issued recently should not interfere with how the workers' compensation system operates. The rule is intended to protect the use of individually, identifiable health information by health plans, health care clearinghouses and various health care providers. Workers' compensation insurers and employers had concerns that the rules could discourage medical providers from providing information to workers' compensation insurers that would be used to both process comp claims and provide related benefits to insured workers. Disclosure rules could have slowed or, in some cases, halted the delivery of workers' compensation benefits to injured workers. The regulations, however, will allow doctors and hospitals to share patient information with insurance companies without obtaining the patient permission as long as these records are directly related to health services. The rule's preamble now reflects the intention of HHS not to interfere with the state-based Workers Compensation system. Human Resources Management Daily Document Update 18,584.
For more information on how Worker's Compensation is specifically affected by HIPAA, please refer to the "HIPAA Guidelines" PDF. If you have trouble reading this PDF document, then refer to the main site: http://www.hhs.gov/ocr/hipaa/
The Health Insurance Portability and Accountability Act of 1996 was passed by Congress to reform the insurance market and simplify health care administrative processes. HIPAA is aimed at reducing administrative costs and burdens in the health care industry by adopting and requiring the use of standardized, electronic transmission of administrative and financial data. As a result, the Department of Health and Human Services must adopt national uniform standards for the electronic transmission of certain health information. Newly mandated HIPAA standards require that all primary participants are to be compliant with HIPAA-established standards no later than February of 2002, and other participants no later than February of 2003.
For more information, visit HIPAA's website at http://www.hipaa.org
Or you may find this online Fact Sheet helpful at http://aspe.hhs.gov/admnsimp/final/pvcfact1.htm