HIPAA

HIPAA Compliance

HIPAA
Health Insurance Portability and Accountability Act
US federal law that regulates personal medical data protection.

Соответствие требованиям HIPAA

  Ask a question to our experts

E-mail us to get
consultation on HIPAA

Or call by phone +38 (044) 332 01 17

Requirements of the Law are divided into three sections:

The Privacy Rule

Privacy practices - is a set of federal standards that provide patients with access to their medical records and enable them to control how their data is used and disclosed.

The Security Rule

Security Procedures - defines standards for the implementation of basic guarantees for the protection of electronic personal medical data. Describes a set of administrative, physical, and technical measures to be taken to protect data.

The Breach Notification Rule

Data breach notification procedure - requires organizations that are subject to the Privacy and Security Rule to notify the government, citizens and, in some cases, the press, about cases of leakage of unprotected personal medical data.

About HIPAA standart

HIPAA (Health Insurance Portability and Accountability Act) - Federal Law, adopted in 1996 and significantly improved in 2013, which specifically regulates the protection of personal medical data.
Individuals and organizations in the field of health (Covered Entity). After the adoption of the latest amendments in 2013, organizations that are not related to health care, but provide services related to the processing, storage or transmission of personal medical data ( Business Associates).
To comply with legal requirements, organizations that process, store, or transfer personal health information must:
  • Take all necessary administrative, physical and technical measures to protect personal health data
  • Ensure staff are aware of the legal requirements and their obligations to protect personal medical data
  • Develop and implement procedures for working with data, their backup and providing access to them in case of emergency
  • Sign a supplementary agreement (Business Associate Agreement), which separately stipulates the responsibilities for the protection of personal medical data, with all contractors who will be involved in the provision of services related to data
  • Provide data leak notification procedure
  • Our approach to implementation of HIPAA

    Methodology

    Our methodology allows to introduce a set of measures to ensure compliance in a short time and without significant labor costs on the part of the Customer.
    Compliance Control consultants have experience in successful projects to bring HIPAA requirements to companies that operate in the US market.

    Documentation

    We will help develop the necessary documentation in accordance with the specifics of your organization. Draft documents will be announced in Russian, Ukrainian or English (at the request of the Customer)

    Do you have questions about HIPAA? E-mail us.

    Or call by phone +38 (044) 332-0117