Printable Version

What Is HIPAA?
On August 21, 1996, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by Congress to facilitate health insurance portability, reduce health care fraud and abuse, protect the security and privacy of health information, and enforce standards regarding health information. HIPAA incorporates an Administrative Simplification section that includes:

• Electronic transaction standards for health information - The transaction standards govern the electronic exchange of administrative and financial health care data between providers, payers/insurers, and health care clearinghouses.
• Privacy of patient identifiable information - The privacy standards provide safeguards to protect the unauthorized release or use of individually identifiable health information.
• Security of electronic health information - The security standards provide measures to protect the confidentiality, integrity, and availability of electronic protected health information using physical, administrative and technical safeguards.

OCS has established a formal HIPAA Compliance Program, designed to reinforce OCS’ commitment to health information privacy compliance, and assists OCS personnel in meeting their compliance obligations. OCS’ HIPAA Compliance Program is designed to prevent violations of applicable health information privacy laws such as HIPAA and, where such violations occur, to promote their early and accurate detection and prompt resolution through education, monitoring, disciplinary action and other appropriate remedial measures.

OCS’ HIPAA Compliance Program has the following components:

1. OCS has appointed a Privacy Officer who will be responsible for implementing, monitoring and maintaining the HIPAA Compliance Program.
2. OCS has and continues to develop detailed policies and procedures to institutionalize OCS’ HIPAA Compliance Program.
3. OCS will provide all of its employees with compliance education and training, and maintains an open line of communication between OCS employees and the Privacy Officer.
4. OCS will monitor internal compliance on a regular basis through the use of periodic audits and other practices.

OCS utilizes a combination of physical, administrative and technical safeguards to protect the security of confidential health information. OCS has the capability to receive and send encrypted data. OCS’ computer room is physically safeguarded with a locked door accessed only by personnel with a need to know. All data is routinely backed up and stored in a offsite, secure facility. Access to data on the OCS host system is password protected and provided only on an as-needed basis based on job function. Access by users is routinely monitored.