Duplicating electronic health records: not every company is HIPAA compliant

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) fundamentally changed how insurance companies, healthcare facilities, and data management firms duplicated, transferred, and stored electronic public health information (ePHI).

HIPAA created specific standards for protecting the privacy of all ePHI as part of an overall initiative to encourage the healthcare industry to make it easier for consumers to have their health records travel with them. As it became easier for various individuals, healthcare professionals, companies and organizations to handle and access a person’s health records electronically, it also made it harder to keep that information out of the wrong hands.

If you’re involved in e-health records management and are considering outsourcing CD or DVD duplication as a means of transferring, storing or distributing electronic health records, be careful – not all CD/DVD duplication/replication companies meet HIPAA regulations for receiving, processing, and distribution of data.

What is a HIPAA compliant CD/DVD duplication company? It’s one that has spent considerable time and money implementing a duplication facility that meets our clients HIPAA requirements for all aspects of securly processing, storing and duplicating HIPAA regulated files. That requires providing completely separate, secure duplication equipment with its own data network, security system, and processing.

Even the data itself needs special processing as part of the electronic health record duplication process. The data received must be encrypted using AES software encryption with two-key read/write access and all computer hard drives used in the process must be NIST-certified.

Sound daunting? It can be, which is why so few media duplication/replication companies are HIPAA compliant like us. If you’d like to know more about our HIPAA compliant duplication/replication services, contact us at Image Source.