Compliance and Security

HRS Erase utilizes the following systems and controls to protect client information:
 
Physical Security:
    • HRS Erase limits access to its facilities to one entrance where all visitors must sign in and out. Visitors are required to have an escort at all times.

Documents containing PHI are stored in locked file cabinets or records rooms when not in use by HRS Erase employees.

All documents containing PHI are shredded upon a determination that they are no longer necessary in accordance with the minimum necessary standard.

HRS Erase employees are required to minimize their computer screens containing PHI when away from their desk.

HRS Erase employs a "clean desk" policy whereby at the end of every day all PHI is removed from an employee's desk and either locked in a file cabinet or shredded.

Before discussing matters regarding patient privacy with visitors accompanying a patient, HRS Erase employees must obtain consent from the patient and document that consent.

Any PHI taken out of the office for home visits or hearings must be maintained in secure carrying cases.

HRS Erase trains all of our caseworkers with phone scripts to ensure that PHI is not disclosed to unauthorized parties.

HRS Erase conducts random audits to ensure compliance with its HIPAA policies and procedures.

Every HRS Erase employee is required to undergo initial training in HIPAA policies and procedures and also annual training from HRS Erase's HIPAA Compliance Officer/General Counsel.

 

IT Data Security

Information Technology Data Security
HRS Erase utilizes state-of-the-art network encryption systems to allow confidential and private data to be sent and received with the highest degree of security. We have the additional capabilities to send and receive email with the same level of security. Our systems integrity is checked automatically on a daily basis.

Commitment to HIPAA

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 (HIPAA)
HRS Erase is committed to ensuring the protection of patient health information.

The following steps are taken to ensure the confidentiality of PHI:

• All documents which contain any PHI are secured in locked filing cabinets when not in use.
• All documents containing PHI are placed in secured bins for shredding.
• Computers are password protected and the screensavers are to engage within 5 minutes of non-use.
• PHI is not left on desks when employees are not present.
• Documents are quickly retrieved from the printers and fax machines.
• Use and disclosure of Protected Health Information is closely guarded, and the Minimum Standards Rule is always in effect.

Visitors:

• Because of the highly confidential protected health information the company comes in contact with daily, all visitors, personal or business, must register at the front desk.
• All visitors must sign in/out in the visitor’s log and be accompanied by a member of HRS/Erase, Inc. at all times.
• Visitors are required to wear nametags so all unauthorized individuals may be easily recognizable.
• Employees who do not adhere to this policy regarding visitors will be subject to disciplinary actions up to and including termination.