“How is Medical Canvassing HIPAA Compliant?” This is a question we often receive when we introduce clients to Medical Canvassing. At Ontellus, one of our missions is to ensure that information is secure as we are both SOC II Certified and a HIPAA compliant solution.
In this blog, we’ll delve into HIPAA, particularly what it is and how HIPAA is applicable to Medical Canvassing.
What is HIPAA?
The Health Insurance Portability and Accountability Act, or HIPAA, is a U.S. law designed to protect patients' medical records and other health information provided to health plans, doctors, hospitals, and other healthcare providers.
Since the enactment of HIPAA, the U.S. Department of Health and Human Services (HHS) has published several new rules including the Privacy Rule, Security Rule and Final Omnibus Rule, which apply only to Covered Entities. Covered Entities is a term narrowly defined to mean health plans, health care clearing houses and health care providers who conduct standard health care transactions electronically.
HIPAA's Impact on Medical Canvassing
When it comes to Medical Canvassing, Ontellus is not looking for a Covered Entity to release ANY medical information about the claimant. Ontellus is only looking to see if a patient has had an appointment at that specific location. The Covered Entity is free to disclose the answer of “yes” or “no” when asked about whether a claimant was provided treatment at the facility. Because Protected Health Information (PHI) is not being requested, HIPAA is not applicable.
Ontellus: Going the Extra Mile to Ensure Security
Ontellus’s number one priority is patient security and compliance. All employees undergo HIPAA privacy training on an annual basis. In the event a custodian attempts to provide PHI to Ontellus as part of a canvassing effort, the custodian is reminded that PHI is not being sought and will not be accepted.
If you’re interested in learning more about Medical Canvassing, contact us today!
Topics: Data Security