HIPAA Compliant Insurance Website and Secure Email Service
Do you need to be HIPAA compliant?

HIPAA Compliant Website / Secure Email Client - RightPriceLife.com (Plano, Texas)
More Security Compliance - PCI DSS
Our HIPAA Compliant servers are also PCI DSS Compliant.
The Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive set of data security requirements aimed at enhancing the security of financial and payment account data. The standard was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis.
The Health Insurance Portability and Accountability Act (HIPAA) sets specific guidelines for any website that stores or transmits Personal Health Information (PHI) from one location to another. It establishes a Security Rule and a Privacy Rule, essentially requiring there to be technical and physical safeguards to the integrity and privacy of PHI, as well as restrictions to the access of PHI to the minimally necessary number of people.
Therefore, if you receive or transmit Personal Health Information from your website or through email, it must be protected.
Are Insurance Agents and Brokers Impacted?
Insurance agents and brokers that receive Personal Health Information via email or website quote forms will need to comply with HIPAA guidelines for transmitting that information securely.
INS Digital Media can provide a HIPAA compliant insurance website, encrypted quote forms, and secure email service. You can contact us for more information on our HIPAA compliant insurance website and secure email service.
What are the requirements of HIPAA?
There are several parts to HIPAA's "Administrative Simplification" provision. Our focus here is on the Security Rule section.
Security Rule:
- Mandates the security of electronic medical records pertaining to an individual, requiring that covered entities ensure the confidentiality, integrity, and availability of all electronic protected health information that the entity creates, receives, maintains, or transmits.
- Requires entities to protect against any reasonably anticipated threats or hazards to the security or integrity of all electronic protected health information, protect against reasonably anticipated uses or disclosures of such information, and ensure compliance by their workforce.
- Specifically, these standards concentrate on three aspects of security:
  - Physical Security - requires protection of electronic systems, equipment and data
  - Technical Security - authentication and encryption to be used to control access to data
  - Administrative Security - security responsibility is to be assigned to an individual
What are the penalties for non-compliance with HIPAA?
HIPAA includes severe penalties, both civil and criminal, for non-compliance. These include:
- Civil fines of $100 per violation, up to $25,000 for multiple violations of the same standard in a calendar year.
- Criminal fines up to $250,000 and/or imprisonment up to 10 years for knowing misuse of individually identifiable health information.
Individuals also have the right to file a formal complaint with the U.S. Dept. of Health and Human Services (HHS) for violations of HIPAA regulations. HHS may investigate and penalize organizations.
Information Request Form
INS Digital Media will respond to your request within one business day. Submitting this form creates no obligation; it is simply a request for information.