Community Record of Care for Accountable Communities of Health

Protecting Patient Privacy

MIN-NS and all our infrastructure providers, including HealthUnity, use the latest web-based security technologies to protect sensitive health information on our network.

Measures taken to ensure compliance with HIPAA and other privacy laws and requirements governing the use and movement of health information include:

  • Every HIE subscriber and its workforce agree to protect patient information according to HIPAA regulations and MIN-NS Use Policy when joining the network and at each login
  • Password protection and encryption on all web-based applications
  • Audit logs on 100-plus data access and transmission events stored in a secure database and compiled for review as needed
  • Secure Data Center with fully redundant systems and 24/7/365 security monitoring

MIN-NS SECURITY RESPONSIBILITIES

  • Monitor or provide for monitoring activity in all HIE services, information systems and facilities where HIE services are operating
  • Report to Participant and other appropriate parties any security incident or unauthorized use or disclosure of PHI of which we become aware
  • Investigate and document any security incident reported by Participant which may affect HIE services, information systems or facilities where HIE services are operating
  • Suspend or limit access to a Participant whose failure to comply with the Security Policy results in a material vulnerability or Curable Breach; reinstate after compliance achieved