HIPAA Statement
On August 21, 1996, President Clinton
signed the Health Insurance Portability and
Accountability Act, known as HIPAA. This law impacts all
areas of the health care industry and was designed to
improve the efficiency of health care by standardizing
the exchange of administrative and financial data, and
to protect the privacy, confidentiality and security of
health care information. The main reason for HIPAA is to
enable the health care industry to take advantage of the
Internet as a vehicle for cost reductions and improved
availability and security of the healthcare
information.
A major concern in the law was the
security and privacy of electronic health records as
well as their transmission between health care entities.
The security standards HIPAA mandates are not
product-specific. They are designed to provide an
industry "best practice." Security consists of more than
just firewalls - organizations must ensure the
confidentiality and integrity of their health records,
and transmission of data must be authenticated and have
the property of non-repudiation. Additionally, security
policies and procedures must be documented and
implemented.
At P&M Billing, the confidentiality of
our customers' data is a fundamental concern, and thus
we have taken a number of technological and
administrative steps in order to protect such data. The
information system we use has a number of security
mechanisms designed to permit only the sender, recipient
and providers' authorized personnel to have access to the
data passing through the system. In addition, P&M
Billing has a policy requiring all employees to read and
sign a confidentiality agreement. This agreement states
that the employee understands that we process
confidential data, and that the employee agrees not to
directly or indirectly disclose any information in an
inappropriate manner. P&M Billing aggressively enforces
this and other agreements applicable to confidential
data. Confidentiality obligations are also an integral
part of our business and trading partner agreements with
entities with which we do business. P&M Billing will neither pursue
nor knowingly retain a customer relationship with an
entity that is either unwilling or unable to comply with
reasonable privacy and confidentiality obligations.
P&M Billing recognizes that the transfer
of medical data must be carried out in a manner that
minimizes the risks of inappropriate disclosure and that
safeguards the privacy and confidentiality of data that
may identify individuals in their roles as patients and
consumers. P&M Billing’s corporate policy is to observe
all existing state and federal laws and regulations
relating to the transmission, storage, and access to
records and other health care data, and to maintain the
security and confidentiality of patient-specific
information. Therefore, P&M Billing is taking steps to
comply with the relevant HIPAA regulations in advance of
the mandatory compliance dates contained therein. P&M
Billing's full compliance with the HIPAA regulations is
expected no later than the specified compliance dates
for health care clearinghouses. In addition, the
information system is designed to help our customers and
trading partners move towards HIPAA compliance by
facilitating the transfer of protected health
information through a HIPAA-compliant information
network.
P&M Billing’s administrative, technical
and physical safeguards are designed to maintain the
integrity and confidentiality of our customers' data.
These safeguards, discussed above as required by HIPAA,
as well as all P&M Billing corporate policies, are
continually being reviewed and updated as part of P&M
Billing's ongoing effort to protect the confidentiality
of our customers' data, to comply with applicable law
and remain a leader in the health care management
services industry.