NuYou Med Clinic HIPAA Compliance Statement
What is HIPAA?
The Health Insurance Portability and Accountability Act became law in August 1996. Known as HIPAA, it was designed to set in motion a series of widespread measures focusing on simplifying the processing and distribution of medical information, improving the portability of health Insurance, giving patients access to medical information, and protecting patient data that is stored, processed, or transmitted across public networks.
What’s a “HIPAA-compliant” Web Site?
A Web Site that is “HIPAA-compliant” is one that provides the physical and technological security measures required to ensure that any patient information, physician-patient correspondence, and other sensitive information remains secure, confidential and unable to be digitally intercepted or otherwise accessed by outside parties. In short, a “HIPPA-compliant” Web Site means all required steps have been taken to keep private information private – It’s a “safe” Web Site.
Is NuYouMed Clinic. Web Site “safe?”
Yes, the NUYOU MED CLINIC, Inc. websites are safe. Since each Web Site (https://NUYOUMEDCLINIC.COM) can provide patient information, we have ensured that each NU YOU MED CLINIC Web Site complies with all current HIPAA guidelines. We are pleased to reassure people that its Internet security measures are continually updated and monitored and that all patient results transactions are protected and safe. NOTE: Secure pages (https:) will display a “lock” on your browser window, indicating that all the information submitted through that page is encrypted and protected.
How is the information protected?
There are a number of ways that we ensure the security of your information… Encryption. We exercise great care in providing secure transmission of your information from your computer to our servers. When you transmit personal information to us, we encrypt it using Secure Socket Layer (128 bit SSL), the industry-standard encryption technology. Encryption provides a secure means to protect your information as it passes over the Web to our servers. Firewalls. Our servers and other technical infrastructure are protected from network intrusion using firewalls and other means. Internal Access. Our employees and contractors have occasional, legitimate needs to access our data servers for purposes of system troubleshooting and maintenance. We ensure that such access is granted only to those who have such needs. All such individuals have signed confidentiality agreements and are continually made aware of their obligations regarding user information. Access is controlled via pre-assigned user accounts that require multiple levels of authentication. All staff members are periodically trained regarding security protection of their personal workstations.
Physical Site Security.
The facilities that house our servers, network devices, backup data storage media, and other equipment and information are physically secured and attended. Access is strictly limited to only those individuals who require it for a legitimate purpose.
Policies and Procedures.
We continuously evolve and update our internal information security policies and our business continuity and disaster recovery plans. We perform risk assessment, security audit, and system-test activities on an ongoing basis. Our employees and contractors receive frequent training and/or reminders regarding information security and protecting the confidentiality of your information. Standards and Regulations. We are committed to meet or exceed regulatory and industry self-regulatory guidelines regarding privacy, confidentiality, and information security. On an ongoing basis, we will review and adapt to statutes, regulations, formal private-sector standards, and informal policy guidelines as they apply. In particular, we will comply with all applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA) rules for information security as those take effect. User Passwords. When you register with us, your personal information is password protected, so only you have access to it. It is your responsibility to ensure the security of your User ID and password. If you believe this security has been violated, please contact NuYouMedClinic by phone (855) 592-4683