EquiCare HIPAA Statement

The Health Insurance Portability and Accountability Act (HIPAA), passed by Congress in 1996, establishes strict regulations for safeguarding the confidentiality and security of patient healthcare information. These regulations govern how EquiCare manages patient data, including healthcare information and records, and apply to both our operations and those of our clients. HIPAA sets forth key requirements to ensure that Protected Health Information (PHI) is handled with the utmost care and compliance.

At EquiCare, we are committed to fully protecting the privacy and confidentiality of our clients’ patients. Here’s what HIPAA requires us to do:

HIPAA Key Requirements for EquiCare:

1. Protection of Patient Health Information:
   We ensure that Protected Health Information (PHI) is securely handled from the moment it is recorded by our clients, transferred to EquiCare for billing, and stored for record-keeping purposes. This data remains confidential throughout its lifecycle.

2. Restricted Disclosure of PHI:
   EquiCare will not disclose PHI without explicit patient consent unless necessary for the purposes of conducting legitimate business operations, including insurance claims, billing, and other services essential for the healthcare process. Any unauthorized disclosure could result in penalties.

3. Access to and Amendment of PHI:
   Our clients have the responsibility to allow patients to view and, in some cases, amend their PHI. Patients have the right to access their records and request amendments where applicable, although certain amendments may be denied under specific circumstances. Clients must maintain the ability to provide these access rights.

4. Reporting of PHI Disclosures:
   In the event of any inadvertent or unauthorized disclosure of PHI, EquiCare and our clients are required to report such incidents to the patient. This is crucial for maintaining transparency and minimizing legal and regulatory risks.

5. Accountability for PHI Management:
   Both EquiCare and our clients must adhere to HIPAA’s strict regulations and can be held accountable for their practices regarding PHI. We are prepared to provide documentation and accountability to the Department of Health and Human Services (HHS) upon request.

What EquiCare and Our Clients Must Do:

To ensure compliance with HIPAA, EquiCare and our clients must enter into a Business Associate Agreement (BAA)that defines the responsibilities of each party concerning PHI management. Here’s how we work together:

• Client Responsibilities:
  Clients are responsible for managing patient records and ensuring the protection of PHI, including providing patients with a Notice of Privacy Practices (NPP) and obtaining their acknowledgment of receipt where possible. Clients must also ensure that patient records are stored securely and that patient inquiries regarding PHI are handled according to HIPAA requirements.

• Secure Transfer of Patient Records:
  Clients will send EquiCare the necessary patient care reports (PCRs) for billing purposes, whether in paper or electronic form. Both parties are responsible for ensuring these records are transferred securely. EquiCare will recommend HIPAA-compliant methods for secure transfer as part of the billing agreement.

• EquiCare’s Responsibility for PHI:
  After receiving patient data, EquiCare handles the PHI associated with billing operations for non-emergency transportation services. We are responsible for managing PHI during these billing processes, ensuring compliance with HIPAA and safeguarding this data. PHI will only be disclosed for treatment, payment, or as otherwise legally required. We limit access to PHI to authorized employees and third parties involved in the billing and payment processes.

HIPAA Compliance Program at EquiCare

To ensure complete adherence to HIPAA regulations, EquiCare has implemented a comprehensive HIPAA compliance program. This program is outlined in the EquiCare HIPAA Compliance Plan, available to all employees and clients. Our HIPAA Privacy Officer oversees this program and ensures that all operations comply with the law.

As part of our partnership, EquiCare offers a HIPAA compliance review of our clients’ policies and procedures, as well as training for your team. Initial training is provided at the beginning of the contract, with annual follow-up training available upon request to ensure continued compliance and awareness.

By working with EquiCare, both our clients and we share the responsibility of maintaining the highest standards of patient privacy and regulatory compliance. We take our role in safeguarding PHI seriously and are committed to upholding the trust that our clients and their patients place in us.