HIPAA Compliance

Righteous Software Inc. recognizes that Covered Entities (Health Care Providers, Payers, and Clearing Houses) must make every reasonable effort to be HIPAA compliant with regard to the Privacy and Security of Protected Health Information (PHI).

Which entities a compliance regime applies to is commonly misunderstood. In the case of HIPAA, you must be compliant if your entity is a healthcare provider, a healthcare payer, or a provider of healthcare billing services. Ultimately, any entity that handles individually identifiable health records must be compliant with HIPAA regulations.

A few key points regarding R1Soft CDP Products as they relate to HIPAA regulations:

  1. Covered entities can store risk analysis documents encrypted using R1Soft CDP Products.
  2. R1Soft CDP Products meet all security requirements, including end-to-end strong encryption. R1Soft CDP Products can be managed by a backup service provider without requiring access to the encryption key that protects healthcare data.
  3. All backup and restore activity is logged.
  4. Passwords and encryption keys can be changed if an authorized member or members of a CE (covered entity) are terminated.
  5. User access can be granted and modified, and is protected with passwords.
  6. R1Soft CDP Agent is protected with RSA key authentication, and the R1Soft CDP server automatically ends sessions after completing backup operations.
  7. R1Soft CDP software has an automated process for backup frequency and data retention. This makes it easy for CEs to have a HIPAA-compliant data backup and contingency plan.
  8. Bare-metal disaster recovery meets and exceeds HIPAA disaster recovery requirements.
  9. R1Soft products provide adequate help to entities that must comply with the HIPAA Compliance regulations, although we are not deemed Covered Entities as defined by current regulations.

Lastly, because there are no regulations or rules that specifically address backup software, we do not make any claims that we are fully HIPAA compliant, although we meet and exceed most of the measures needed for full HIPAA compliance. If there is anything we can do to help you reach compliance while using our software, let us know.

Related Links:

Introduction
Overview of HIPAA
Are you a HIPAA “entity”?

HIPAA Resources
Health Care Information Technology Yellow Pages
HIPAA Advisory
History and Overview of HIPAA
US Department of Health & Human Services

HIPAA Laws
HIPAA Guidance Document 45 CFR Parts 160 & 164
Federal Register 45CFR Parts 160, 162 and 164
HIPAA Glossary

HIPAA Standards
WEDI Workgroup for Electronic Document Interchange
SNIP Strategic National Implementation Process
HL7 Standards
SNOMED Systematized Nomenclature of Medicine Reference Terminology

Associations
State Hospital Associations
American Hospital Association (AHA)
American Association of Health Plans
American Health Information Management Association
Healthcare Information and Management Systems Society (HIMSS)
National Alliance for Health Information Technology

Disclaimer:
All information presented on this page is an overview of how our software relates to HIPAA Compliancy.  Righteous Software Inc. and its entities do not give legal advice on this information. Please consult with your legal counsel if you have questions about your specific situation.