UHealthSolutions' security policies specify that access to protected health information is role-based. Our team members only have access to the information they need to do their jobs, nothing additional.
Our team members follow the recommendations and requirements of the following:
- HIPAA (Health Insurance Portability and Accountability Act)
- HITECH (Health Information Technology for Economic and Clinical Health Act)
- FISMA (Federal Information Security Management Act)
Our security plans and policies are grounded in NIST (National Institute of Standards and Technology) guidelines — and we meet and exceed HIPAA and HITECH security standards.
Internal policies and training to protect health information
We have additional policies and procedures in place to protect the security of your organization’s information, including that of your members and patients. All protected health information remains strictly confidential and is securely encrypted for electronic media and for email transfer.
UHealthSolutions team members at all levels are required to participate in training that covers HIPAA, HITECH, NIST, FISMA, and other requirements when they initially join UHealthSolutions and on an annual basis as their employment continues. We also conduct internal awareness campaigns regularly to ensure that all employees follow data security and privacy rules vigilantly.
Annual security audit documents excellence
Our proven success in maintaining privacy and security is documented in an annual report for one of our clients, Prescription Advantage, which is the state pharmaceutical assistance program we administer in Massachusetts. By contract, Prescription Advantage requires UHealthSolutions to be audited annually by a third-party to ensure that agreed-upon privacy and security standards are met.