Privacy
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy and security of individuals’ medical information. In the medical billing and coding industry, HIPAA compliance is crucial to ensuring that patients’ health information is handled in a confidential and secure manner. As a HIPAA-compliant medical billing and coding services company, OceanStack complies with the standards set by HIPAA regulations. We ensure the following:
Technical safeguards:
OceanStack has appropriate technical safeguards in place to ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI). This includes using encryption for data storage and transmission, implementing firewalls and other security measures to prevent unauthorized access, and regularly monitoring and testing the security systems.
Physical safeguards:
OceanStack has physical controls in place to prevent unauthorized access to ePHI. This includes controlling access to workstations and servers, restricting access to work areas, and securing paper records.
Administrative safeguards:
OceanStack has policies and procedures in place to protect the confidentiality, integrity, and availability of ePHI. This includes conducting risk assessments, providing staff training, and regularly reviewing security policies and procedures.
Secure data storage and transmission:
OceanStack ensures that ePHI is stored and transmitted securely. This includes using encrypted data storage and transmission and using secure methods for transmitting information, such as secure email or secure file transfer.
Employee training:
OceanStack provides regular training to its employees on HIPAA regulations and the importance of protecting ePHI. This includes training on how to handle sensitive information, how to use security measures, and how to detect and report security incidents.
Business associate agreements:
When required, OceanStack enters into written agreements with its business associates that require them to protect the confidentiality, integrity, and availability of ePHI in accordance with HIPAA regulations.
Compliance audits:
OceanStack conducts regular compliance audits to ensure that it is in compliance with HIPAA regulations. This includes conducting risk assessments, reviewing security policies and procedures, and reviewing security incidents.
Incident response plan:
OceanStack has an incident response plan in place to respond to security incidents. This includes identifying the incident, reporting the incident, conducting an investigation, and taking appropriate action to prevent future incidents.
Reporting requirements:
OceanStack complies with HIPAA reporting requirements. This includes reporting security incidents to the Department of Health and Human Services and providing notice to affected individuals in the event of a breach of their ePHI.
Data privacy:
1. Information We Collect
a. Personal Information
Contact Information: We collect various types of information to provide and improve our services. The information we collect includes, but is not limited to:
b. Identifying Information:
i. Name
ii. Contact details (email addresses, phone numbers)
Medical Credentialing and Billing Information: Any information related to medical credentialing and billing services that you provide to us.
2. How We Use Your Information
We use the collected information for the following purposes:
Providing Services: To facilitate medical billing and credentialing services as requested by you.
Communication: To respond to your inquiries, send updates, and provide information related to our services.
Improvement: To analyze usage patterns and improve the quality of our website and services.
3. Information Sharing and Disclosure
We do not share your personal information with third parties. Your information is solely used for the provision of our medical credentialing services and communication with you.
4. Your Consent and Control
By providing your information, you consent to the collection, processing, and storage of your personal data as outlined in this Privacy Policy. You have the right to:
Opt-Out: You may opt out of receiving promotional communications from us by contacting us directly.
Access and Correction: You may request access to and correction of your personal information by contacting us.
In conclusion:
OceanStack is a HIPAA-compliant medical billing and coding services company that has technical, physical, administrative, and employee-related safeguards in place. We also have secure data storage and transmission systems, business associate agreements, compliance audits, an incident response plan, reporting requirements, and patient access policies. By meeting these requirements, OceanStack can ensure that it is providing secure and confidential medical billing and coding services in accordance with HIPAA regulations.