What is HIPAA?


HIPAA is the abbreviation for the Health Insurance Portability and Accountability Act, formulated in 1996. HIPAA regularizes the accessibility and comprehensiveness of group health plans and some specific health insurance policies. It is a revised version of the Employee Retirement Income Security Act, the Public Health Service Act, and the Internal Revenue Code. These directives include the much talked about patient privacy and Safety regulations that depict the US government’s involvement in regularizing these rules in the healthcare industry. The main aim of the act is to ensure that healthcare authorities maintain the privacy of the patients regarding their health information and the rights they are bestowed as privacy rights.

We are HIPAA Compliant!

Abiding by the privacy rules of HIPAA, One Source Medical Billing maintains complete confidentiality of the patient’s personal information. We are a business associate (BA) with HIPAA, where BA is an associate who carries out the functions being monitored by covered entities (CE) to protect the information.

We are very strict regarding compliance. We have taken various steps and made our process completely compliant with HIPAA directives. You can be assured of the highest security policies followed here.

All client and/or patient information is safely encrypted to be accessed by only assigned personnel in an authorized way. Your privacy and safety are our major priorities at One Source Medical Billing. All our policies are dedicated to following HIPAA guidelines and confidentiality.

The services at One Source Medical Billing are designed to assure HIPAA compliance in the following way:

  • Each employee from One Source Medical Billing is bound by a confidentiality agreement that declares that they are not entitled to use, disclose, or provide anyone else the personal information that they come to know.
  • Infringement of the terms in the agreement can result in legal action and will lead to termination.
  • HIPAA-compliant encrypted email systems and secured, encrypted servers with redundant backups.
  • Access card and biometric systems are employed to ensure authorized entry only. The security system is monitored manually around the clock, which leaves no chance of unwanted intrusion.
  • No one has access to the restricted zones, such as the server room, and has limited entry, and only the administrator and authorized personnel are allowed.
  • The entire system is computerized, with access to Email and internet to the designated personnel. Access is protected with passwords that are different for each staff member.