XoranConnect® HIPAA Compliance Statement
[45 CFR 164.502(e), 164.504(e), 164.532(d) and (e)]
We at Xoran Technologies LLC realize that our customers, most of whom are healthcare
providers, are required to ensure the confidentiality of patient healthcare data
pursuant to HIPAA.
We understand the sensitivities and the seriousness associated with keeping patient
healthcare data private and secure.
Many of Xoran’s customers provide us with a Business Associate Agreement that ensures
that all parties involved in the use and/or disclosure of protected healthcare information
comply with current HIPAA Regulations. This XoranConnect® HIPAA Compliance
Statement is intended to inform our customers who are “covered entities” under HIPAA
that we are aware of their HIPAA requirements and will do our part to help ensure
that their patient data is kept confidential. This Statement is not intended to
take the place of a Business Associate Agreement.
To effectively deliver our XoranConnect® services, we require access to numerous
data elements associated with patient and provider information. Therefore, we have
instituted policies and procedures to ensure that such data is kept confidential,
including, but not limited to, the following:
- PRIVACY AND SECURITY:
We train and instruct all Xoran employees that all patient and provider specific
information that we receive or generate as a result of delivering our services is
to be treated as confidential. The electronic data we receive is stored on secure
computer servers and PC workstations, which require a unique user name and password
to access such data. All Xoran employees are required to sign a confidentiality
agreement as part of their employment contract.
- UNIFORM
CODES AND DATA TRANSMISSION: Because we accept data directly from our customers,
we use their HIPAA-compliant formats to re-transmit data to our customers or third
parties as part of our delivery of services.
|