PRIVACY POLICY

GENERAL

We care about providing you with tools and information to manage and protect your online privacy. We have developed this privacy policy to inform you about what information this web site collects, who may receive that information, what we may do with the information, and how long we keep it. While we have made every attempt to make this policy as clear as possible, if you have any further questions about it, feel free to contact us.

YOUR INFORMATION

We will not give out any information you submit at our site to any third parties except in compliance with a request of a law enforcement agency. Under no circumstances will your name, e-mail, phone number or address be sold to, or given to any other parties. We will never willfully sell, lease, or rent any of your or your business’ personally identifiable information to any third party.

COLLECTED INFORMATION

Your personal information is collected through our contact forms only. This website currently has no applications or programs that gather information from your computer without your consent. Users are required to give us contact information (e.g., your name and email address) and demographic information (e.g., your zip code). Certain information, such as your email address, is collected in order to verify your identity and for use in our records. Information collected at this website is kept in our records only as long as is necessary to provide requested services to our clients.

HIPAA COMPLIANCE STATEMENT

We at DT-Trak realize that our clients must comply with all aspects of confidentiality of patient data. We require access to numerous data elements associated with claims, including patient and provider information. As such, DT-Trak has taken steps to ensure its compliance with both the Gramm-Leach-Bliley Act and HIPAA requirements.

Our key aspects to our existing policies include, but are not limited to, the following:

All DT-Trak employees are required to sign a confidentiality agreement with DT-Trak. These agreements provide DT-Trak the right to terminate employment, if the confidentiality breach is deemed to be significant, harmful or damaging to DT-Trak, its clients, and its client’s insured members. These confidentiality agreements also provide sanctions for employees as recommended by HIPAA.

All patient and provider specific information that we receive or generate as a result of delivering our services is treated as confidential, and it is not disclosed to those who do not have a need to view it in relation to the services we deliver to our clients. The electronic data is stored on secure computer servers and PC workstations, which require a unique user name and password to access such data.

All patient and provider information that exists in printed format is contained within designated working spaces. Information that requires mailing is secured in a sealed envelope prior to leaving HDI’s premises.

All DT-Trak Client and Vendor agreements include a Business Associate Addendum. The incorporation of this Addendum ensures that all parties involved in the use and/ or disclosure of protected health information to be in compliance and that they will remain in compliance with current HIPAA Regulations. The Addendum also outlines the procedures the parties must follow, with regard to protected health information, upon termination of their Agreements.

In relation to many significant areas of HIPAA, our compliance is as follows:

UNIFORM CODES AND DATA TRANSMISSION

DT-Trak currently accepts data directly from our clients. Therefore, we are able to receive and re-transmit data to our clients or other parties involved with the delivery of our services in HIPAA compliant formats. With regard to data elements, formats and definitions, we have a plan to ensure that its software is updated with the latest medical data code sets, through our partnership with various vendors and other healthcare data source providers.

We will continue to monitor the latest HIPAA news and legislation to ensure our compliance, where required and as agreed upon with our clients.

PRIVACY AND SECURITY

We understand the sensitivities and the seriousness associated with the privacy of healthcare data. We also understand that covered entities are required to contract with business associates that will also be handling individually identifiable healthcare data and that policies and procedures must be put in place in order to ensure the privacy and security of such data.

Therefore, the following steps have been taken:

We have designated a Privacy Officer. The Privacy Officer has the responsibility for the development and implementation of DT-Trak’s policies and procedures. This position also works closely with clients to understand their requirements, and then ensure that DT-Trak complies with them. The Privacy Official is also the person responsible for monitoring the ongoing requirements of HIPAA, if any, and is designated to receive complaints with regard to privacy compliance.

We have established “logging” mechanisms that will document access to protected healthcare information.
We have established training programs focused on privacy policies so that our employees learn how to appropriately handle individually identifiable health data according to HIPAA mandates.
We have established procedures to receive and resolve complaints, plus sanctions for employees who fail to comply with privacy policies. HDI takes non-compliance with privacy policies seriously, and promotes a zero tolerance policy. We have also established physical safeguards for information, including protection around electronic processing and storage.

SUMMATION

If you have any questions about this privacy statement or the practices of this site, please contact us.
DT-Trak Consulting, Inc.
Contract Manager/Privacy
Email: Privacy@dt-trak.com

HIPAA WEBSITES

https://aspe.os.dhhs.gov/admnsimp
www.cms.gov
www.HIPAAdvisory.com
The National Council for Aging Care’s Tips For Selecting Medicare & Social Security