HIPAA is an acronym for the Health Insurance Portability & Accountability Act of 1996 (August 21), Public Law 104-191, which amended the Internal Revenue Service Code of 1986. Also known as the Kennedy-Kassebaum Act, the Act includes a section, Title II, entitled Administrative Simplification, requiring improved efficiency in healthcare delivery by standardizing electronic data interchange, and protection of confidentiality and security of health data through setting and enforcing standards. More specifically, HIPAA called upon the Department of Health and Human Services (HHS) to publish new rules that will ensure:

1. Standardization of electronic patient health, administrative, and financial data
2. Unique health identifiers for individuals, employers, health plans, and health care providers
3. Security standards protecting the confidentiality and integrity of "individually identifiable health information", past, present, or future

www.hhs.gov/ocr/hipaa

PROTECTION OF INFORMATION
We do not see patients in our office, therefore we do not have a large volume of people that have access to our information. All visitors to the office are greeted at the entrance by an employee and escorted to the proper location for their meeting. If an employee is away from their workstation, each computer has a password protected screensaver. We follow the minimum necessary standards when providing information on a patient account. Each employee is issued a user ID and unique password for their computer. This information is known only to the employee. If patient information is out on a desk and the employee leaves the area, it is turned face-down or covered on the desk. All patient information is kept behind locked doors at the end of the workday.

CLAIM HANDLING
We use a clearinghouse that is HIPAA compliant to send all electronic claims. Our software vendors are also HIPAA compliant.

CONFIDENTIALITY
Each employee signs a confidentiality agreement when hired. The procedure for violation of this agreement is reprimand or dismissal, depending on the severity of the breach.

MMDS establishes business-associate contracts with our clients.