514 7th St, Oregon City, OR 97045

Select Other Locations

HIPAA Policy

Effective Date: 9/17/2023

Able Hearing Oregon City is committed to protecting the privacy and security of health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations. This HIPAA Policy outlines our practices and procedures for safeguarding protected health information (PHI) and our commitment to maintaining HIPAA compliance.

Definitions

  1. Protected Health Information (PHI): PHI includes any individually identifiable health information held or transmitted by Able Hearing Oregon City, regardless of the form or medium.
  2. Covered Entity: Able Hearing Oregon City is considered a “covered entity” under HIPAA and is required to comply with the relevant regulations.

Privacy Rule

Able Hearing Oregon City adheres to the Privacy Rule under HIPAA, which governs the use and disclosure of PHI. The following are key aspects of our Privacy Rule compliance:

  1. Notice of Privacy Practices: We provide a Notice of Privacy Practices to individuals describing how their PHI may be used and disclosed and their rights regarding their health information.
  2. Authorization: We obtain written authorization from individuals before using or disclosing their PHI, except for purposes permitted or required by law.
  3. Minimum Necessary Rule: We use, disclose, or request only the minimum amount of PHI necessary to accomplish the intended purpose of the use, disclosure, or request.

Security Rule

Able Hearing Oregon City complies with the Security Rule under HIPAA, which sets standards for protecting PHI in electronic form. Our Security Rule compliance includes:

  1. Risk Analysis: We conduct regular risk assessments to identify and address potential security risks to PHI.
  2. Administrative Safeguards: We implement administrative policies and procedures to manage the selection, development, implementation, and maintenance of security measures to protect PHI.
  3. Physical Safeguards: We implement physical security measures to restrict access to facilities and equipment that contain PHI.
  4. Technical Safeguards: We use technical measures, such as access controls, audit controls, and encryption, to protect electronic PHI from unauthorized access or disclosure.

Breach Notification

In the event of a breach of unsecured PHI, Able Hearing Oregon City will follow the appropriate breach notification requirements as outlined in HIPAA. We will promptly notify affected individuals and the U.S. Department of Health and Human Services (HHS) as required.

Employee Training and Education

We provide ongoing training and education to all employees and workforce members who handle PHI to ensure they are aware of their responsibilities and obligations under HIPAA.

Complaints and Reporting

Individuals have the right to file complaints if they believe their privacy rights under HIPAA have been violated. Able Hearing Oregon City has established procedures for addressing and investigating such complaints.

Policy Review and Updates

This HIPAA Policy is subject to regular review and updates to ensure compliance with any changes in the law or best practices.

Get Your Free Consultation: