Can you risk not being HIPAA compliant with your electronic records?
In June 2005, the U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. Covered entities and specified individuals, as explained below, who "knowingly" obtain or disclose individually identifiable health information face a fine of up to $50,000, as well as imprisonment for up to one year. Offenses committed under false pretenses allow penalties to be increased to a $100,000 fine, with up to five years in prison. Finally, offenses committed with the intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain or malicious harm permit fines of $250,000 and imprisonment for up to ten years.
What does “Knowingly” mean?
The DOJ interpreted the "knowingly" element of the HIPAA statute for criminal liability as requiring only knowledge of the actions that constitute an offense. Specific knowledge of an action being in violation of the HIPAA statute is not required.
What do HIPAA regulations require for electronic information?
HIPAA requires that healthcare facilities take reasonable precautions to prevent a loss of medical records and information. In a digital environment, this means that a contingency plan must be in place in case of a computer emergency. If there is a loss of data, the plan must include a reasonable and effective method to restore those records without compromising privacy.
Health organizations, and the business associates who provide services to them, must ensure that the confidentiality and integrity of medical records are protected while the records are in storage. Access to these digital records must be restricted by a password/ID system that proves authorized access. Any transmission of this data must be protected by encryption. These safeguards need to be documented and signed.
Does Retrievex help your company comply with HIPAA standards?
The answer is “yes”. When you create a Disaster Recovery Plan with the Retrievex Internet Vault powered by VaultLogix, you protect your data from being lost due to disasters (like fire, flood, viruses and human error). Here are some aspects of our service that provide you with the tools to maintain compliance with HIPAA standards:
- User authentication: You establish private password authentication known only to you.
- Role-based access: Limit users to only the information they have authority to see.
- Encryption of data: We offer encryption up to 256-bit AES.
- Offsite storage of data: Backups are not lost to the disaster that caused the loss of the primary data.
- Secure storage facilities: Provide protection from sabotage and natural disasters.
- Transmission reports: A report is generated for every backup and provides verifiable information.
Why is Retrievex your best choice for data protection?
- A trusted leader in the Medical Records Storage industry
- Helps your facility to be HIPAA compliant
- User-friendly interface for end users
- Fast recovery means no interruption to business after disaster
- Automated solution increases productivity
- Long-term cost savings
- Extremely reliable and secure data protection









