HIPAA - Privacy Rule
1. What is Health Information Portability and Accountability Act (HIPAA)?
The Office for Civil Rights enforces:
• the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information,
• the HIPAA Security Rule, which sets national standards for the security of electronic protected health information,
• and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety.
2. What is HIPAA Compliance?
HIPAA sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
This includes covered entities (CE), anyone who provides treatment, payment and operations in healthcare, and business associates (BA), anyone with access to patient information and provides support in treatment, payment or operations. Subcontractors, or business associates of business associates, must also be in compliance.
The HIPAA Privacy Rule addresses the saving, accessing and sharing of medical and personal information of any individual, while the HIPAA Security Rule more specifically outlines national security standards to protect health data created, received, maintained or transmitted electronically, also known as electronic protected health information (ePHI).
A supplemental act was passed in 2009 called The Health Information Technology for Economic and Clinical Health (HITECH) Act which supports the enforcement of HIPAA requirements by raising the penalties of health organizations that violate HIPAA Privacy and Security Rules. The HITECH Act was formed in response to health technology development and increased use, storage and transmittal of electronic health information.
And the HIPAA/HITECH Act Omnibus Rule from 2013 which amended the HIPAA/HITECH Act Privacy, Security, Breach Notification, and Enforcement Rules.
RingCentral’s solution ensures that customer calls and messages are secure with encryption in transit and at-rest, along with other features, protecting patient data and guarding against unauthorized access to protected health information.
3. Can a covered entity or business associate use the RingCentral e-fax services and remain HIPAA compliant?
Please consult with an attorney as to whether your use of our service may involve the transmission, receipt, or storage of ePHI. This article is for informational purposes only and is not intended to provide legal advice.
Message Storage and Account Data Retention
HIPAA - Overview
RingCentral Phone - Overview
RingCentral Phone Mobile | Frequently Asked Questions