HIPAA Compliance Information
Premier Heart, LLC ("Premier Heart") retains certain information which is
considered Protected Health Information (PHI) under the terms of Title II of
the Health Insurance Portability and Accountability Act (HIPAA). This
information includes a patient name, identification number/code, certain
demographic and physiometric information provided by the testing
technician/treating physician. Premier Heart also retains digitized EKG data
and analysis results used to generate the diagnostic report.
Information described above is retained on Premier Heart's central servers for a minimum of seven (7) years from date of testing.
Under the terms of HIPAA Title II and the "Privacy Rule", Premier Heart will disclose the Protected Health Information noted above to:
- The Physician or Technician who performed the test, in the
course of their requesting the diagnostic report
- The tested individual, upon request and following
appropriate identity verification 1
- Insurance Carriers, Hospitals, etc., as required to
facilitate treatment, payment or health care operations.
To safeguard your information, Premier Heart employs the following measures
to ensure complicance with the "Security Rule":
- Administrative Safeguards:
In addition to the disclosure conditions identified above, Premier Heart limits access to PHI to the following classes of employees:
- Senior Management
- Medical Review Team
- Systems Administration Team
- Technical Support Team (Limited access)
- Administrative/Billing Team (Limited access)
- Physical Security:
- Premier Heart's servers are housed in a secure facility, equipped with 24 hour security staff and biometric authentication for datacenter access.
- It is Premier Heart's policy to securely erase or physically destroy all data storage media which has contained PHI when such media has reached end of service life or become damaged.
- Technical (Electronic) Security:
- Premier Heart's server infrastructure is segmented using industry best practices, minimizing the exposure of servers containing PHI. Access to these servers is restricted to the Systems Administraton Team.
- Backups and data to be moved off site are encrypted to prevent information compromise in the event of theft of the backup media.
Notes:
-
It is Premier Heart's policy that patient requests for information must be routed through the testing/treating physician.
Direct requests for information will be handled on a case-by-case basis.
|