Privacy and Security

The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Electronic Health Care Transactions and Code Sets Standards

Compliance Statement: In 1996, the Health Insurance Portability and Accountability Act (HIPAA) became law. It requires, among other things, that the Department of Health and Human Services establish national standards for electronic healthcare transactions and code sets. Adopting these standards will improve the efficiency and effectiveness of the nation’s health care system by encouraging the widespread use of electronic data interchange in health care. It also addresses the security and privacy of health data. The Centers for Medicare & Medicaid Services (CMS) is responsible for implementing the various unrelated provisions of HIPAA.

Access Integrity® is a provider of advanced technology solution for compliant processing of medical transactions to the healthcare industry. Access Integrity has designed and continue to monitor programs to ensure compliance with transaction standards and privacy and security requirements as required under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). In order to achieve highest HIPAA standards, we constantly conduct exhaustive audits to make sure our clients’ data is safe and secure.

Medical Claims Compliance® is an advanced technology solution providing complete and compliant processing of medical transactions to the healthcare industry. Medical Claims Compliance accepts the transmission of encrypted health care information to Access Integrity’s secure web server where it is authenticated prior to being processed, reformatted as necessary to verify medical claims integrity via a private network, dial-up connection, or encrypted Internet transmission. Access Integrity has no ownership rights and is not a user of the data, but is merely a conduit for transmission of data between users that have a need for the data. Access Integrity does not view privacy-protected data unless it is necessary to perform its intended task of processing electronic claims. CMS permits the transmission of protected health data between providers and other parties who are not Medicare contractors over the Internet if it is authenticated and encrypted.

Access Integrity further meets compliance standards by including the following text in its User License Agreement: “All beneficiary-specific information is confidential and subject to administrative, technical and physical safeguards to ensure the security and confidentiality of individually identifiable records. This includes eligibility information, claims, remittance advice, online claims correction and any other transaction where individually identifiable information is processed or submitted electronically. Criminal penalties are up to $50,000 and 1 year in prison for obtaining or disclosing protected health information; up to $100.000 and up to 5 years in prison for obtaining protected health information under false pretenses; and up to $250,000 and up to 10 years in prison for obtaining or disclosing protected health information with the intent to sell, transfer, or use it for commercial advantage, personal gain, or malicious harm.”

A copy of this Electronic Health Care Transactions and Code Sets Standards Compliance Plan is on file with the Centers for Medicare & Medicaid Services, P.O. Box 8040, Baltimore, MD, 21244-8040, 866-282-0659.

U.S. Government Rights
This product includes CPT® which is commercial technical data and/or computer data bases and/or commercial computer software and/or commercial computer software documentation, as applicable, which was developed exclusively at private expense by the American Medical Association, 515 North State Street, Chicago, Illinois, 60654. U.S. government rights to use, modify, reproduce, release, perform, display, or disclose these technical data and/or computer data bases and/or computer software and/or computer software documentation are subject to the limited rights restrictions of DFARS 252.227-7015(b)(2) (November 1995) and/or subject to the restrictions of DFARS 227.7202-1(a) (June 1995) and DFARS 227.7202-3(a) (June 1995), as applicable, for U.S. Department of Defense procurements and the limited rights restrictions of FAR 52.227-14 (December 2007) and/or subject to the restricted rights provisions of FAR 52.227-14 (December 2007) and FAR 52.227-19 (December 2007), as applicable, and any applicable agency FAR Supplements, for non-Department of Defense Federal procurements.

NOTE TO PROVIDERS: Access Integrity is not aware of any changes that are necessary in the data that the provider uploads. If changes to ANSI format require data that Access Integrity is not currently requiring of providers, or if any other changes are required by CMS that impact compliance, Access Integrity will notify providers of these changes and make the necessary changes in the Access Integrity system to support the new requirements.