As required by the provisions of the Health Insurance Portability and Accountability Act (HIPAA), Metabolic Solutions, Inc. (“MSI”) does hereby assure that it will appropriately safeguard all Protected Health Information (“PHI”) as defined in 45 CFR Part 164.501 made available to, or obtained by, MSI in accordance with this Compliance Statement. Accordingly, it is the policy of MSI to meet, or exceed the legal requirements relating to PHI under HIPAA and with respect to any activity MSI performs on behalf of affected clients. Specifically MSI shall:
- Not make known to any unauthorized party any PHI other than what may be required by law;
- Use appropriate precautions to prevent any unauthorized use or disclosure of PHI;
- Promptly report any use of PHI, of which MSI is aware, that may be required by law to the client;
- Make accounting of disclosure information available that may be required by law;
- Make MSI internal PHI procedures and records received from clients available to the appropriate governing authority for purposes of determining compliance with the law, and;
- At the request of the client, return or destroy all client provided PHI that MSI maintains in its possession.
Protecting the privacy and confidentiality of information about our clients is very important to MSI. Accordingly, we strive to comply with each of the following practices in everything we do:
- We do not sell, rent, lease or otherwise disclose personal information of our clients or their patients.
- We work to ensure information integrity and security. We use technology tools and design our business practices to help ensure that the personal information of our clients is properly gathered, stored and protected.
- We work to maintain the security of, and internal and external access to, the personal information of our clients through the use of technology and business practices.
- We require our Officers, Board Members and Staff to respect the personal information of our clients. MSI has policies and practices in place to help ensure that our Officers, Board Members and Staff carry out these practices and otherwise protect personal information about our clients. Employees Officers, Board Members and Staff are subject to censure, dismissal or termination for violation of these policies.