Frequently Asked Questions
Find answers to common questions about our services, HIPAA compliance, and healthcare data security.
What
What is HIPAA and how does it affect my medical information?
HIPAA (Health Insurance Portability and Accountability Act) is a federal law that creates national standards to protect sensitive patient health information. This law is not just a set of guidelines - it's a crucial safeguard for your most personal medical data. When healthcare providers aren't HIPAA compliant, your private medical information is at risk of being exposed, stolen, or misused.
Without proper HIPAA compliance, your medical records could be:
- Accessed by unauthorized individuals
- Shared without your permission
- Stored insecurely, making them vulnerable to data breaches
- Used for identity theft or insurance fraud
- Sold to third parties without your knowledge
When healthcare providers fail to maintain HIPAA compliance, they're not just breaking federal law - they're putting your privacy at risk. Your medical history, test results, prescriptions, and personal information could be compromised. This isn't just about paperwork; it's about protecting your right to medical privacy and preventing potential discrimination, embarrassment, or financial harm that could result from exposed health information.
Healthcare providers who appear in our directory have been identified as potentially non-compliant with these critical federal regulations. This means they may not have the proper safeguards in place to protect your sensitive medical information. It's crucial to ensure your healthcare provider maintains strict HIPAA compliance to protect your privacy and maintain the confidentiality of your medical records.
How
How do I claim my listing?
Providers can claim their listing by clicking the 'Claim My Listing' button on their profile page. Once you create an account, you will be able to claim your listing by entering the name of the practice or the NPI number. As long as your email matches the email we have on file your listing will be claimed. You can also claim your listing by calling us at (713) 364-5714 from your office phone. If you have any issues claiming your listing, please contact us at support@medfeds.com.
State and Federal Collaboration
Are you a federal or state agency? How does MedFeds work with regulatory agencies?
MedFeds.com, Inc. is a private company dedicated to promoting compliance with HIPAA and state-mandated Protected Health Information (PHI) regulations. We collaborate with government agencies, including the U.S. Department of Health and Human Services (HHS) and the Office for Civil Rights (OCR), to identify and report potential HIPAA violations. Our team meticulously documents and formats reported violations according to OCR and HHS guidelines, streamlining investigative processes.
What happens when a HIPAA violation is reported through MedFeds?
Upon receipt of a reported violation through our platform, we initiate a rigorous validation and documentation process. If the reported violation is substantiated, it is recorded in our violation directory. We then engage with the healthcare provider to facilitate resolution. In cases where resolution is not achieved through direct engagement, a comprehensive report is prepared for submission to the Office for Civil Rights (OCR). This report provides detailed findings that may prompt the OCR to initiate their own investigation, which could include audits and potential criminal investigations. Additionally, a detailed report of the substantiated violations is provided to the U.S. Department of Health and Human Services (HHS).
What are the penalties for HIPAA violations?
Civil Penalties (OCR):
- These are tiered, ranging from $100 to $50,000+ per violation, depending on the level of culpability (unknowing, reasonable cause, willful neglect).
- Annual caps apply.
Criminal Penalties (DOJ):
- These are for intentional violations.
- Fines range from $50,000 to $250,000, with prison sentences of up to 10 years, depending on the severity of the offense.
The numbers are subject to change due to inflation. It is always best to check the current OCR and DOJ websites for the most up to date information.
How does MedFeds help healthcare providers comply with OCR requirements?
We provide guidance and support to help healthcare providers meet OCR compliance standards. This includes regular audits, documentation assistance, and implementation of corrective measures when needed. We also help providers prepare for potential OCR investigations or audits.
General Questions
How quickly can I expect a response to my inquiry?
We typically respond to all inquiries within 1 business day. For urgent matters, you can use our live chat feature during business hours or call us directly at (713) 364-5714.
Do you offer emergency support?
Yes, we provide 24/7 emergency support for critical security and compliance issues to our active clients. Our team is always ready to respond to urgent HIPAA compliance concerns.
What areas do you serve?
We provide services to healthcare providers throughout the United States, with both remote and on-site support options available. Our team can assist with HIPAA compliance and data security needs regardless of your location.
Services & Compliance
How are providers rated?
Providers are rated on a 1, 2, and 3 star system based on the depth of the data privacy compliance evaluation they elected to participate in. The more stars, the more a provider is trusted and the safer your information is.
Trust Level I (1 Star):
Providers are given 1 star for a basic level evaluation. At this level, the provider completes an online questionnaire detailing their compliance with basic HIPAA regulations.
Trust Level II (2 Stars):
2 star providers have participated in a more rigorous virtual evaluation. Along with a more detailed questionnaire, their facility and data practices are visually inspected by a HIPAA certified MedFeds professional.
Trust Level III (3 Stars):
3 star providers are evaluated in person and at the highest level. They participate in our most extensive evaluation. With 3 star providers, you can be sure your medical records are safe.
Our trust level system helps patients make informed decisions about which providers they can trust with their sensitive medical information.
How can I schedule a compliance evaluation?
You can schedule a compliance evaluation through our contact form, by calling us directly, or by using the live chat feature. We'll arrange a convenient time to assess your current HIPAA compliance status.
What does the monthly monitoring service include?
Our monthly monitoring service includes continuous compliance assessment, regular security audits, incident response support, and detailed monthly reports with recommendations for improvement.
How do you handle potential HIPAA violations?
When a potential violation is reported, we investigate the claim, document the findings, and work with the healthcare provider to address any compliance issues. We maintain confidentiality throughout the process.
Technical & Security
How do you ensure the security of submitted information?
We use industry-standard encryption and security measures to protect all submitted information. Our systems are regularly audited and updated to maintain the highest level of security.
Can you integrate with existing healthcare systems?
Yes, our custom software solutions are designed to integrate with existing healthcare systems while maintaining HIPAA compliance and data security standards.
What security certifications do you maintain?
We maintain various security certifications and comply with industry standards. Our team regularly undergoes security training and certification updates.