Corporate GovernanceWe at Altegra Health have established a framework built around the organization’s missions and values by which we measure our success.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law by President Clinton on August 21, 1996. The law created standards to ensure the privacy and security of patient health information that is transmitted or stored electronically. HIPAA provides for civil and criminal penalties for failing to comply. Because maintaining the privacy of our clients’ members is paramount to our mission, everyone at Altegra Health—all officers, managers, and employees—must complete special training. Training for new hires and annual training for all staff include an examination with an acceptable score. Altegra Health has safeguards in place to prevent unauthorized access of Patient Health Information (PHI). Any employee who violates the HIPAA policies is subject to disciplinary action up to and including termination. Compliance with these rules is everyone’s responsibility, a responsibility we take seriously.
The Privacy Rule under HIPAA sets the standards for protecting PHI, imposes limits and conditions on the use and disclosure of PHI, and specifies the certain rights patients have regarding their information. Annual HIPAA privacy training is required under these rules for all employees, contractors, and vendors.
The Security Rule under HIPAA defines the standards that require covered entities to implement basic safeguards and protect the confidentiality, integrity, and availability of electronic protected health information (ePHI).
Title XIII of the American Recovery and Reinvestment Act of 2009 (ARRA)—also called the Health Information Technology for Economic and Clinical Health (HITECH) Act—codifies and expands on many of the requirements put into effect by the Department of Health & Human Services, in accordance with the Health Insurance Portability and Accountability Act of 1996, to protect the privacy and security of protected health information. The Act requires Altegra Health to comply with the HIPAA Privacy and Security Rule provisions on administrative and physical safeguards, as well as the security breach reporting requirements.