Policy:It is the policy of Integrated Telehealth Services (ITS) to adhere to all HIPAA policies and requirements.

Purpose:
To acknowledge our duty and responsibility to protect the privacy and security of Individually Identifiable Health Information (IIHI) generally, and Protected Health Information (PHI) as defined in the HIPAA regulations, under the regulations implementing HIPAA, other federal and state laws protecting the confidentiality of personal information, and under principles of general and professional unimpeded flow of health information and appropriate purposes.

Standards:
- All employees will complete HIPAA training and provide certification to be on file.
- All employees will update HIPAA training and certification prior to expiration of certification.
- All employees will update HIPAA training and certification prior to expiration of certification.
- Full compliance with HIPAA is mandatory and failure to comply can bring severe sanctions and penalties.
- Any employee who does not adhere to HIPAA compliance is subject to immediate termination.
- Full compliance with HIPAA strengthens our ability to meet other compliance obligations, and will support and strengthen our non-HIPAA compliance requirements and efforts.