Vitalae Corporate Services protects the confidentiality of information it receives by adhering to the requirements of the HIPAA Privacy Rule and the HIPAA Security Rule. The Privacy Rule governs the acquisition, storage, transfer and retention of Protected Health Information, in both electronic and paper formats. The Security Rule covers all information acquired, maintained or transferred electronically.
Vitalae Corporate Services follows the policies and practices it has documented in its HIPAA Privacy Manual, and in its HIPAA Security Compliance Plan. These documents cover areas such as:
- Definitions of Protected Health Information,
- Privacy Officer duties and responsibilities,
- Requests for Accounting of Disclosures of PHI,
- Physical security of electronic equipment used to acquire and store PHI,
- Technical safeguards to prevent unauthorized access to PHI, and
- Training and awareness for staff members who have access to PHI.
Vitalae Corporate Services provides training to all new staff members on their responsibilities to maintain the confidentiality of information they have access to as part of their duties.
Vitalae Corporate Services also:
- Continuously monitors the security of its electronic resources to minimize the possibility of a breach of security,
- Conducts an annual evaluation of its compliance with its Privacy and Security policies and practices,
- Updates its policies and practices continuously as requirements or environments change,
- Provides annual refresher training to staff members on confidentiality, privacy and security.
- Has completed a HIPAA Risk Assessment, provided by a qualified third party.
If you have any comments or concerns about Vitalae Corporate Services’ policies or practices, please contact us at 800-394-WELL (9355).