How does HIPAA apply to Medical billing and collection while outsourcing?

We understand that outsourcing your billing and collections may present some concern when you know that the work is sent outside the country. We want you to understand that we always follow HIPAA guidelines and more to assure that your information remains safe and secure.

Medical Billing Workflow and Confidentiality of Information

Electronic processing and transfer of data via multiplex or /router/ modem is encrypted and password protected to ensure privacy and confidentiality. Dedicated leased lines and Firewalls ensure security of data. We respect all patient information provided by our client and do not disclose any information. Confidentiality of patient and practice information is assured. We have a zero tolerance policy for any breech of confidentiality. Records are kept secure and all appropriate laws are observed for handling the release of information. Below is an outline of the measures we take:

• We have 24 X 7 security personnel manning our office.
• None of our paperwork work leaves our office and we don't use sub-contractors; your information does not leave our office.
• All the external drives including floppy disk drives are disabled on each computer.
• No personnel are allowed to bring in any floppies, any electronic devices including laptops, PDA.
• No personnel are allowed to bring in or take out any paper or any written documents.
• Every employee is checked on entering and leaving the premises.
• We have a system of random checking on a regular basis.
• All computers require passwords to use the computers and to start Windows
• We have firewalls and antivirus software on all the computers and update virus definitions daily.
• Any spoiled hard copies of notes and copies of patient information including documents schedules are shredded on site.
• Monthly back-ups of computer systems will be done and stored in a locked outbuilding on our property. All lockers used for storage is password protected.
• We have a smoke alarm and a fire extinguisher in our office.
• We currently require all our employees to sign a confidentiality and non-disclosure agreement.
• We maintain up-to-date contractual agreements with all business parties.
• We have instituted security measures to protect the security and integrity of protected information according to guidelines.
• We follow 128 bit encryption for all transferred files.
• MOS has administrative procedures in place to guard data integrity, patient confidentiality, and document availability. (Information Access Control and Access Authorization).
• We have security services employed to prevent theft and/or vandalism of any information stored on our systems.
• Technical evaluations are performed on a routine basis to make sure all systems meet or exceed specified security requirements.
• All persons, administrators and employees, who have access to any sensitive information, patient records, or voice files, etc., have the appropriate clearances and have signed confidentiality agreements.
• Our entire work force is trained on privacy, security, and confidentiality. We strive to meet and exceed all regulations.