HIPAA Data Compliance

The importance of always available and accurate health care data is integral to delivering quality care. The ability to recover data at a desired point-in-time can make the difference in a health care delivery system.

In 2003, HIPAA set national standards for the protection of health information, as applied to three types of covered entities: health plans, health care clearinghouses and health care providers who conduct transactions electronically. Entities must maintain standards to ensure data integrity, availability and the security of individually identifiable health information.

Achieve HIPAA Data Compliance

Files such as patient and billing records can be accessed only by the covered entity
Secure, encrypted data transfer and storage prevents alterations, tampering or unauthorized access
Data can be restored swiftly and accurately to a specific point-in-time
Reporting provides a clear audit trail with user access date and time-stamp detail

DATA COMPLIANCE REQUIREMENTS

The data management portion of HIPAA is focused on the secure storage and transmission of Protected Health Information (PHI) over computer networks. PHI includes all individually identifiable health information in any form or media including subsets of health information such as demographics.

HIPAA defines who is authorized to access this information and requires the establishment and maintenance of appropriate administrative, technical, and physical safeguards to ensure integrity, confidentiality, and availability of the information.

Healthcare organizations are required to individually assess their security and privacy requirements and take measures to implement electronic data protection for data in transit and storage. ABS’s managed services ensure the appropriate data and applications are secured and available for immediate recovery when needed.

HIPPA REQUIREMENTS	ABS COMPLIANCE STANDARDS
Electronic protected health information (ePHI) must be secured against potential threats or hazards	Data is securely stored in two geographically diverse Carrier-Grade datacenters. Redundant fail-safe systems protect the data in every step of the backup and storage process
Access to ePHI must be protected against any reasonably anticipated uses or disclosures that are not permitted or required by the Privacy Rule.	Data is encrypted during backup, transmission and storage with the encryption technology used by the US Government. Access is restricted by password authentication only.
Maintenance of record of access authorizations	Reporting provides a clear audit trail with user access date and time-stamp detail.
If the data is processed through a third party (ABS), entities are required to enter into a chain of trust partner agreement	ABS enters into a Terms of Service agreement with the client. This outlines that the parties agree to electronically exchange data and that ABS is provisioned to protect the transmitted data. The Agreement states that the receiver of the data (ABS) is required to maintain the integrity and confidentiality of the transmitted information.

Note: ABS does not have access to the stored contents. It is the client’s responsibility for data maintenance to be in accordance with HIPAA standards.

Enterprise Solutions

Engineered for true business continuity. Enterprise-class data protection and disaster recovery solutions.

Learn More

Assessment & Quote

Implement data compliance best practices today. Get a compliance assessment and solution quote.

Get Quote

Datasheet Downloads

HIPPA Compliance
ABS Enterprise^®
Data Storage Facilities