COMPANY HIPPA REQUIREMENTS
Company HIPPA Requirements
Name of the Company: U.S. Medical Products, LLC
Scope of Business: Medical Supplies
Brief: Given that our business will be handling protected health information (i.e. in relation to the collection of insurance information as well as sale of medical devices and assorted products), it is expected to comply with certain HIPAA rules.
Collection of Insurance Information
1. Claims are likely to include protected health information (PHI) – which effectively means that compliance with HIPAA rules is mandatory.
2. The collection of insurance info necessitates the utilization of various PHI identifiers – necessitating compliance with HIPAA rules. PHI identifiers could be inclusive of, but they are not limited to; birth date, address, name, contact details, biometrics, social security number, etc.
Sale of Medical Devices/Equipment
1. Compliance with HIPAA rules is not a requirement in the sale of new medical devices (i.e. devices that have been sourced directly from the factory and have never been used before).
2. Compliance with HIPAA rules is required for all resold or secondhand medical devices and equipment.
Nonetheless, the company recognizes that from time to time, it will trade in devices and/or equipment that either access of handle patient health information (PHI), i.e. devices that with certain touch points for PHI. As a consequence;
1. All equipment and devices involved in the transmission, receipt, as well as recording of health information must comply with HIPAA rules.
2. Medical devices involved in the transmission, receipt, as well as recording of health information must be designed in a way that ensures that patient information is protected.
3. Medical devices involved in the transmission, receipt, as well as recording of health information must be designed to ensure that patient information is only accessed by authorized persons and/or parties.
Standards
1. Ensure that all sources of patient health information are identified and authenticated
2. Ensure that all workers have the relevant patient health information (PHI) access protocols training
3. Ensure that all inventory is traceable
4. Ensure that touch points deemed weak are identified via the conduction of a risk assessment
You’re 82% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.