Home | Services | Benefits | Request Information | HIPAA Compliance | Contact Us     HIPAA Compliance Stressed about HIPAA compliance? Don't be. CHDP System provides headache-free data security and privacy for your practice management system. With CHDP System, you'll have complete peace of mind knowing that all your transactions are fully HIPAA compliant and secure. Our solution seamlessly incorporates HIPAA compliant security and privacy measures as well as transactions into a practice’s workflow. And, more importantly, HIPAA compliance is built right in to the practice management system — there are no special charges for HIPAA upgrades. CHDP System is prepared to help you meet all of the requisite transaction, security, and privacy obligations with as little hassle as possible. If you are a client or prospect and would like more information about this fabulous solution, please contact our Sales or Customer Service teams to learn more. Transaction Sets As of October 16, 2003, all electronic claims and related transactions were required to comply with HIPAA designated standard ANSI formats. CHDP System ‘system currently handles all of its supported electronic transactions in compliance with HIPAA. Professional Claims (ANSI X12 837P): CHDP System eClaims service uses HIPAA certified clearinghouses to submit compliant 837P claim transactions to all supported payers. CHDP System also takes responsibility for transmitting the data using HIPAA compliant secure file transfer mechanisms. In addition, CHDP System allows a Claredi certified 837P file to be downloaded for our clients to submit on their own through a third party gateway. (Note that this downloaded file is certified to national standards; specific payer requirements may vary.) Electronic Remittance Advice (ANSI X12 835): CHDP System ® eRemittance service processes HIPAA compliant 835 remittance files (electronic EOBs) from payers through our partner clearinghouses. The automatic posting of payment data improves accuracy, reduces data entry costs and results in more rapid sending of patient statements. Electronic Eligibility Inquiry (ANSI X12 270/271): CHDP System offers single-source online eligibility checks for virtually every payor offering this service. Imagine how many denials you'll avoid by pre-checking insurance eligibility! Security Effective April 2005, HIPAA now mandates security measures to (1) physically AND electronically secure electronic protected health information (PHI) against unauthorized retrieval, (2) reliably store the electronic data, and (3) provide for emergency access to the data. CHDP System already has systems in place to meet these stringent security requirements — all while significantly reducing the security burden on your office and staff. Consider a traditional software system, with a server and data right in your office. Under the new Security Rule, you'll be responsible for protecting your computer-stored patient data from both physical access (break-ins, disgruntled employees, etc.) and electronic access (firewalls, complete network and user security, etc.) This presents a great challenge for small and large practices alike, on top of the regular headaches of managing backups, software installs, and more. Then add backup and reliability issues, considering that some 40-50% of all in-office tape backups fail to restore properly. It's a nightmare waiting to happen. CHDP System offers a full-service secure data management solution that removes all of the above hassles and enables much easier HIPAA compliance for your office at the same time. We store all of your electronic data in a world-class datacenter facility that features 8 levels of security measures, including biometric access, bulletproof glass, 24-hour monitoring and patrolling, locked server cages, state-of-the-art firewall protection, and NSA-approved procedures and policies. In addition, CHDP System also provides a robust 3-level backup system that gives you peace of mind regarding your backup and disaster-recovery planning. Your data is backed up securely approximately every hour, with out-of-state secure copies stored every night. Every backup is also verified to restore correctly. Other tools CHDP System provides to assist you in your Security Rule compliance: Secure transfer: CHDP System uses powerful SSL 128-bit encryption to safeguard the electronic transfer of all data — the same level of security as bank and Federal transactions. Automatic logout: The Security Rule includes requirements that users be automatically logged out after a period of time, to prevent unauthorized access of patient records. This feature comes standard with CHDP System. User logging: CHDP System automatically tracks all users logging into and out of the system for reference by a system administrator. Audit trail: The system permanently tracks any changes made to PHI, so those changes can be reviewed at any time by a system administrator. Privacy Privacy regulations protect the confidentiality of the patient's individual medical information with respect to others. These privacy regulations apply to all PHI — paper, verbal and electronic. Once any information that may reveal a patient's identity is added to a document and that document is stored or electronically transmitted, the privacy provisions are in force. CHDP System offers some key privacy tools for our clients: User roles: The system restricts access to PHI based on administrative rights and user roles, so that the electronic information is revealed only to those whom you authorize. Consent: CHDP System provides a set of helpful patient consent management tools, including electronic form storage and automated reminders. In addition, as a Business Associate of our clients, CHDP System is allowed access and use of PHI only as necessitated to deliver our contracted services to our provider clients. This includes secure storage of patient data, and access to that data as needed to perform support and consulting services requested by our clients. Our in-house support teams have strict guidelines and policies on confidentiality of and immediate destruction of PHI, once the specific support or consulting service is complete. Our HIPAA Relationships Medical providers are, of course, designated as "Covered Entities" under the regulations. Those covered entities are responsible to ensure that their agents and business partners meet certain obligations with respect to privacy and security. Such parties are designated as "Business Associates", and the provider generally will have a "Business Associate Agreement" with those parties to ensure those obligations are met. A practice management software company like CHDP System is typically a Business Associate of our clients. As such, we consider ourselves to have four primary responsibilities: Ensure that we thoroughly understand HIPAA regulations and relationships. Provide software and services that help you comply with your HIPAA obligations (and meet our Business Associate obligations to you). Assist our clients in entering into standard Business Associate agreements with us. Ensure that our agents and business partners use systems and processes that are consistent with the Business Associate obligations we have to our clients. While CHDP System is responsible for ensuring that our partners conform to our Business Associate obligations, our client providers may wish to establish direct Business Associate agreements with claims clearinghouses accessed via our software (because the providers enter into direct business agreements with them). This option should be reviewed by each covered entity with their HIPAA legal counsel. CHDP System includes a Business Associate agreement as part of its standard Terms of Service for all clients. As the HIPAA regulations continue to change and various deadlines arrive, CHDP System will continue to lead the way in providing the best tools to help you meet your HIPAA obligations. Links to Additional Resources HIPAA.org Final Transaction Rule Final Privacy Rule Final Security Rule (PDF format) HIPAA is a very detailed piece of legislation, and the information presented here should not be considered a legal opinion. The reader should consult legal counsel to obtain a legal opinion or other information required by their individual circumstance.   User Name:   Password:   Forgot Password?