HIPAA Compliance Policy
Effective Date: December 1, 2024
MyCare Home Health Services LLC ("we," "our," or "us") is dedicated to maintaining the confidentiality, integrity, and security of protected health information (PHI) in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and related regulations. This policy outlines our commitment to safeguarding PHI and ensuring compliance with HIPAA requirements.
1. Definitions
Protected Health Information (PHI): Any information related to an individual’s health, healthcare, or payment for healthcare that can identify the individual (e.g., name, address, medical history, or insurance details).
Covered Entity: MyCare Home Health Services LLC qualifies as a covered entity under HIPAA because we provide healthcare services and transmit health information electronically.
Business Associates: Third parties that provide services to us and require access to PHI (e.g., billing companies, IT providers) are required to sign Business Associate Agreements (BAAs) to ensure compliance.
2. Safeguards to Protect PHI
To protect PHI, we implement the following safeguards:
Administrative Safeguards:
Conduct regular risk assessments to identify and address vulnerabilities in how PHI is handled.
Provide mandatory HIPAA training for all employees to ensure awareness of compliance requirements.
Restrict access to PHI based on job roles and responsibilities.
Physical Safeguards:
Secure physical locations where PHI is stored (e.g., locked filing cabinets or offices).
Limit physical access to authorized personnel only.
Implement protocols for disposing of PHI, including shredding paper records and securely deleting electronic files.
Technical Safeguards:
Use encryption to protect electronic PHI (ePHI) during transmission and storage.
Implement password protection and multi-factor authentication for systems accessing ePHI.
Monitor systems for unauthorized access or breaches and conduct regular audits.
3. Use and Disclosure of PHI
We will use and disclose PHI only as permitted under HIPAA, including:
Treatment: Sharing PHI with healthcare providers to coordinate care.
Payment: Using PHI for billing and payment processing.
Healthcare Operations: Using PHI to evaluate and improve our services.
We will not use or disclose PHI for purposes not permitted under HIPAA without obtaining written authorization from the individual.
4. Individual Rights Under HIPAA
Individuals have the following rights regarding their PHI:
Access to PHI: You can request a copy of your PHI or review it.
Amendments: You can request corrections to your PHI if you believe it is inaccurate or incomplete.
Accounting of Disclosures: You can request a list of instances where your PHI was disclosed for purposes other than treatment, payment, or healthcare operations.
Restrictions: You can request restrictions on how we use or disclose your PHI.
Confidential Communications: You can request that we communicate with you through alternative means or locations.
To exercise these rights, please contact us using the details provided in the "Contact Us" section.
5. Reporting and Responding to Breaches
In the event of a breach involving PHI:
We will investigate the breach promptly and take steps to mitigate any harm.
We will notify affected individuals, the U.S. Department of Health and Human Services (HHS), and, if required, the media, in accordance with HIPAA’s breach notification requirements.
We will implement corrective actions to prevent future breaches.
6. Employee Responsibilities
Employees are required to maintain the confidentiality of PHI at all times.
Employees must complete HIPAA training and adhere to this policy.
Any employee who violates this policy may face disciplinary action, up to and including termination.
7. Business Associate Agreements (BAAs)
We require all business associates who handle PHI on our behalf to sign a BAA that outlines their responsibilities to protect PHI and comply with HIPAA regulations.
8. Complaints
If you believe your rights under HIPAA have been violated, you may file a complaint:
With MyCare Home Health Services LLC by contacting us directly (details below).
With the U.S. Department of Health and Human Services Office for Civil Rights.
We are committed to addressing complaints promptly and without retaliation.
9. Contact Us
For questions, concerns, or complaints regarding this policy or the use of PHI, please contact us:
Phone: (781) 490-6034
Email: info@mycarehomehealthservices.com
By using our services, you acknowledge and agree to this HIPAA Compliance Policy. We are committed to protecting your privacy and providing quality care in accordance with HIPAA standards.