Avoid Breaking Your HIPAA Compliance
Safeguard Patients’ Protected Health Information (PHI) during File Transfer
What Is HIPAA Compliance?
Healthcare Insurance Portability and Accountability Act (HIPAA) is a federal law that regulates how companies can access and use individually identifiable health information collectively defined as protected health information (PHI).
What Is Protected Health Information (PHI)?
PHI includes a person’s medical records, such as history, test and laboratory results, and other individually identifiable health information.
Who Needs to Comply with HIPAA?
Any company that has access to PHI must achieve and maintain HIPAA compliance.
What Is a HIPAA Covered Entity?
A covered entity is any entity that is a healthcare provider, provides a health plan or is a healthcare clearinghouse.
What Is a HIPAA Business Associate?
A business associate is “a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity that involve access by the business associate to protected health information.”
What Is a HIPAA Business Associate Contract?
To ensure that their business associates also protect PHI, the covered entities and its business associates must enter into contracts with their business associates. The contracts signify an understanding by the business associates that they are accessing PHI and understand and share the responsibilities that entails. The contracts define, clarify and limit the permissible uses and disclosures of PHI by the business associate.
Does Thru’s File Transfer Service Maintain HIPAA Regulations?
Thru’s managed file transfer (MFT) service has features that meet the following required implementation specifications. Thru’s features and functionality also meet several of the specifications noted as addressable in HIPAA’s Part 164 – Security and Privacy, 164.312 Technical Safeguards. To discuss the specifics of Thru’s compliance posture, please contact us »
Learn more about HIPAA compliance for secure file transfer »
What Are the Rules of HIPAA?
Regulates when a covered entity may disclose PHI without a patient’s express written authorization and when they cannot. If a covered entity discloses any PHI, it should take care to disclose the minimum amount necessary to achieve its purpose.
This rule requires covered entities and business associates to put technical, physical and administrative safeguards in place to keep PHI safe.
Provides standards regarding compliance, investigation, monetary penalties and hearing procedures for HIPAA violations.
Breach Notification Rule
Requires business associates to notify covered entities if they know a breach occurred and covered entities to notify patients affected by a breach of PHI.
Secure File Transfer Overview
Thru helps you achieve end-to-end file security with measures to protect data in the cloud, application and network.