Submit A Referral

HIPAA

In 1996, Congress passed the Health Insurance Portability and Accountability Act, commonly referred to as HIPAA, detailing new regulations for protecting the confidentiality of patient healthcare information. These regulations affect how Comp-X conducts patient transportation operations, requiring both Comp-X and our clients to carefully examine how each of us manages healthcare information and patient records. In short, HIPAA requires us to:

  1. Protect the confidentiality of patient healthcare information. The “protected health information” (PHI) of patients must be identified and remain confidential from the point it is recorded by an EMS client, transferred to Comp-X for billing purposes, used by Comp-X to file insurance claims or mail invoices and stored by Comp-X and/or an EMS client for record keeping purposes.
  2. Never disclose PHI unless permitted to do so. Comp-X and our clients can only use PHI and related healthcare information for the purposes of filing insurance claims, mailing invoices and conducting legitimate business operations related to financial transactions, record keeping and the administration of a transportation system. All other uses of PHI must be approved by the patient prior to the release of such information.
  3. Allow patients to view and amend PHI if requested. Clients must establish a record keeping system that allows patients to view and (in some cases) amend their PHI. Amending the PHI of a patient is permitted under certain circumstances, but can be denied in others. In all cases, the patient has a right to view their PHI along with a record of other parties who had access to such information.
  4. Report disclosures of PHI, if they occur. Comp-X and our clients must report inadvertent or purposeful disclosures of PHI to the patient, if they occur. Such disclosures may involve civil or criminal penalties.
  5. Provide accountability for PHI practices. Both Comp-X and our clients must provide accountability for business practices, record keeping and information management related to the use or storage of PHI to the Federal Department of Health and Human Services (HHS), if requested.

WHAT WE BOTH HAVE TO DO!

To meet these requirements, Comp-X and our clients must enter into a “Business Associate Agreement,” outlining the responsibilities of each organization with respect to HIPAA. This agreement defines the role of each organization:

Comp-X has instituted a HIPAA compliancy program for all client-billing operations. This program is described by the MedX HIPAA Compliancy Plan, available at each Comp-X office. The program is administered by the Comp-X HIPAA Privacy Officer.

As part of a non emergency transportation services and transportation contract with our clients, Comp-X can provide a HIPAA compliancy review of your organization policies and procedures and EMS client employee training. Training is provided at the beginning of the contract period with follow-up training conducted annually at the EMS client request.

Offering the best in medical services

Let us help you get started!