Experian Health is highly sensitive to the many privacy issues surrounding consumer information. Among other things, Experian Health does the following:
Experian Health has established procedures to comply with the following regulations:
Experian Health has a commitment to provide secure and reliable services to clients and is diligent about compliance with the HIPAA Privacy and Security regulations. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a broad federal law enacted by Congress, in part to help protect patient privacy. The part of the law that deals with privacy is intended to do the following:
As a trusted business associate with a variety of covered entities, Experian Health has implemented many safeguards, including a corporate HIPAA Security Program to effectively communicate and administer the HIPAA Privacy and Security regulations internally to associates and with business processes throughout the organization.
The HIPAA Privacy and Security Program is designed to:
With the Final Omnibus Rule that was finalized in September of 2014, Experian Health implemented the requirements of this ruling in the form of risk assessments, updated breach notification policies and processes, Business Associate responsibilities and requirements, and regular HIPAA training. If you have any questions related to these changes or how Experian Health can assist you in this regard, please contact Susan Hanson, Compliance and Privacy Officer, at firstname.lastname@example.org.
To learn more about this regulation, please visit: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html and http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
Concerns about an increasing misuse of existing consumer information prompted Congress to enact the Gramm-Leach-Bliley Act (GLBA) in 2001. The GLBA governs the disclosure of consumer information by financial institutions by:
Under the GLBA, Experian Health is considered a financial institution. As such, Experian Health has a responsibility to maintain the privacy and security of the consumer information in its care. For more information on GLBA, please visit: https://www.ftc.gov/tips-advice/business-center/privacy-and-security/gramm-leach-bliley-act.
The Fair Credit Reporting Act (FCRA) regulates businesses that provide and use consumer reports. Anyone who uses information in a consumer report is a “user” of consumer reports. Experian Health has products that use this data, and it should be understood that this regulation is part of these tools.
For more information on this regulation, please visit: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/fair-credit-reporting-act.
ICD-10 — Deadline October 1, 2015
What is ICD-10?
The Department of Health and Human Services (HHS) announced in 2008 a proposed regulation that would replace the ICD-9 diagnosis code sets with the greatly expanded ICD-10-CM (diagnosis) and ICD-10-PCS (hospital procedure) code sets.
What to Expect
Experian Health implemented the acceptance of ICD-10 within applications that contain diagnosis coding in mid-2011. Although ICD-10 conversion coding is based upon the client hospital information system or practice management system, plans related to assisting clients with the ICD-10 transition will be ongoing. Clients should make Experian Health aware of any changes to HIS or PMS systems related to ICD-10 data elements, as we will want to work with your vendor changes to ensure connections or transfers of data are not interrupted.
Client communication related to this effort is available and we want to ensure that you have everything you need to be successful when these changes arise. Please contact support or the Privacy and Compliance Officer (as listed below) if you have any questions about these changes.
To learn more about this regulation, please visit CMS at www.cms.gov/home/regsguidance.asp.
All ICD-10 vendor surveys can be submitted to the individual listed below:
Susan M. Hanson
Compliance and Privacy Officer
Phone: (763) 416-1010
Please contact this individual for all questions related to privacy, security and compliance.