Select Page
For More Info: (888) 719-0065
Tech Support: (888) 388-2276

HIPAA Compliance

Healthcare Solutions

Hospitals, clinics, laboratories, and other healthcare facilities can fully leverage their electronic health/medical records (EHR/EMR) systems and ensure HIPAA compliance with the following solutions from CASO:

Few industries are forced to constantly change and adhere to new laws and regulations like healthcare. Being responsible for keeping and maintaining patient and employee records, processing new patients, and many other tasks can be completed without human intervention. Medical professionals everywhere will be pleased to have more time to deliver outstanding care to their patients.

Benefits of Healthcare Automation

  • Our software and integration services provide instant access to all scanned medical records and back office documents for all staff throughout the enterprise through your EHR/EMR system
  • Your HIPAA compliance risks are minimized as all documents are stored securely; you can even give auditors guest access so they can instantly find any document they seek
  • Securely maintain records for their entire life-cycle
  • Eliminate storage costs and offsite storage space
  • Reclaim space by disposing of file rooms, file cabinets, and bankers boxes
  • Decrease the amount of indexing and data entry errors

Our Solutions to Your Problems

Do you feel daunted by the prospect of embracing a fully digital medical office? Don’t be. Transitioning from paper to digital is not a complex process when using incredibly sensitive and efficient data scanning services. CASO is the only company that has the resources to scan your records onsite. If you prefer, you can also send them to us for scanning.

After your documents are scanned in, the data is extracted using powerful data capture software such as Kofax Capture software and EMC Captiva. Even more powerful are HP Autonomy TeleForm and ABBYY FlexiCapture for advanced and automated document capture.

Protect and archive your backfile, current documents and those to come with our sophisticated document management software, including EMC ApplicationXtender (AX) and both PaperVision and ImageSilo from Digitech Systems Software Solutions.

Each of these solutions can also be beneficial for back office departments that are heavily reliant on paper such as the accounts payable and HR.

HIPAA Compliance

HIPAA stands for Health Insurance Portability and Accountability Act. It is designed to standardize the industry on specific code sets and formats. Insurance payers, clearinghouses, and billing services have been spending enormous amounts of time and money to implement this regulation. The enforcement is handled by the Department of Health and Human Services Office of Civil Rights and is meant to be self-funding via the fines levied. In addition to standardizing the code sets and electronic frameworks, the law also established a minimum requirement for the protection and privacy of Personal Health Information (PHI). The specific parts of the regulation related to PHI include:

  • Regulation: §164.530 (c) Administrative Safeguard of PHI
  • Regulation: §164.530 (c) Technical Safeguards of PHI
  • Regulation: §164.530 (c) Physical Safeguards for PHI
  • Regulation: §164.530 (i) Policies and Procedures
  • 42 U.S.C. §1320d-2(d)(2) requires entities that maintain or transmit health information to “maintain reasonable and appropriate administrative, technical, and physical safeguards”.

HIPAA compliance law requires that covered entities must have Backup, Disaster Recovery, and Media Controls in effect,

  • Regulation: §164.308 Disaster and Recovery Contingency Plans
  • Regulation: §164.308 Media Controls

Since every medical practice that files electronically must comply with these regulations or face fines of up to $25,000, the need for CASO products can be readily seen. Large hospitals, clinics, and even single clinician offices will all be required to provide safeguards and security to the PHI in their care.

HIPAA Compliance – Business Requirements

CASO’s use of EMC ApplicationXtender (AX) document management software and professional services for integration with your electronic health/medical records (EHR/EMR) system, meets and exceeds many healthcare organization needs for the image-enabled aspects of records management compliance under HIPAA.

CASO’s system provides comprehensive backup and recovery in heterogeneous environments, including Windows, UNIX, Linux, and OpenVMS. Our solutions provide complete, online protection for multiple database systems, including Oracle, DB2, MS SQL Server, and Informix. Thus, CASO can provide support for your organization’s disaster recovery plan in accordance with HIPAA.

How can CASO help keep you in compliance?

Our opportunity to serve the healthcare industry is multifold:

  • Providing enterprise and individual office level disaster recovery services for HIPAA compliance, because CASO products are both scalable and easy to maintain. Many healthcare offices have only rudimentary, heterogeneous, or outdated IS environments. In such areas, CASO software supports compliance and provides a pathway to the future.
  • CASO software reports HIPAA compliance surrounding security, privacy, and access of patient information, and thus can be an ideal solution for healthcare organizations of any size – from clinics to integrated care delivery networks. Add-on capabilities provided by partners can streamline compliance reporting.
  • Hospitals, healthcare industry service providers, and others that are implementing HIPAA compliant records management solutions still have the need for organized Content Management for the portions of their operations that are not affected by the HIPAA compliance requirements, such as materials management, receivables, human resources and other operational functions. Implementation of CASO solutions in these areas can provide direct benefit to the healthcare organization’s bottom line.

Since every medical practice that files electronically must comply with these regulations or face fines of up to $25,000, the need for CASO products can be readily seen. Large hospitals, clinics, and even single clinician offices will all be required to provide safeguards and security to the PHI in their care.

HIPAA Compliance – Technical Requirements

HIPAA legislation calls for some very specific technical requirements for any software or EMR system to be implemented. CASO can help! Our products offer:

Audit Trails

CASO’s use of EMC ApplicationXtender (AX) is ODMA compliant, a software industry standard, and enables comprehensive audit trails to be established for user management, access management, and system monitoring functions for content capture and modification. In order to gain compliance, the Audit Trails functionality must be enabled. The audit trails keep the information and parameters in logs that must then be used to create the compliance reports for HIPAA. In order to generate these reports, an industry standard reporting package (such as Crystal Reports) must be obtained to generate the required documents based in the data tracked through the Documentum audit trails. Please refer to our comprehensive documentation for specific audit trail functionality. Additional audit functionality and reporting can be gained through our Professional Services.

Security Access

CASO’s Online Document Access (ODA) System offers multiple levels of security. ODA’s security offers encrypted connection for both network and web based user session initiations. Where appropriate, the use of secure sockets and other industry standard technologies are implemented. ODA provides for the granting of system access to users and to defined user groups. Furthermore, administrators or “super users” can also be defined. In addition to system level access security, ODA offers Application, Functional and Document security.

  • System Security: Two alternative security models are offered for user management regarding access control and user/group privileges for system functions – ApplicationXtender proprietary and through deferral to Windows security. Customized security deferral to alternate security protocols, such as Oracle, can be implemented by Professional Services
  • Application Level Security: This enables users and user groups to be granted access to only subsets of content based on the applications (libraries) defined within the system. Users and groups can only access the information contained within the applications to which they have rights.
  • Functional Security: This refers to security surrounding the functions that specific users or user groups can perform. With over 37 defined parameters privileges such as; add, delete, annotate, modify etc. defined and administered within the Content Management system. The privileges can be structured and held within the constraints to meet HIPAA compliance.
  • Document level security (DLS): Document level security provides an additional level of security at the individual document level within an application (library). Users and user groups can be inclusively or exclusively defined at the document level so that even with other privileges, specific content can either be presented or excluded based on the parameters established.
  • Additional Security or encryption functionality can be gained through integration or through our Professional Services if required.

Data Retention

HIPAA compliance requirements for information/data/records/image retention within the records management solution are specific. CASO’s use of the storage and archival component for ApplicationXtender meets these requirements fully.

Backup and Disaster Recovery

As outlined above, healthcare organizations are required to have disaster recovery and contingency plans in place. A solid backup and recovery strategy is a key component of disaster recovery, which can be addressed by CASO. More extensive disaster recovery plans might include remote mirroring, off-line media management, or vaulting.

Dental Claims Processing

  • Dental Claims Processing Software from ICS is an automated, high-volume claims form capture and processing solution built on EMC Captiva Capture technology. It processes all ADA-regulated dental claim forms quickly and efficiently – even those not designed for capture. ICS creates a complete workflow, allowing an insurance payer to process and pay a dental service provider or to reimburse plan members automatically and accurately.Beyond its processing efficiency, ICS Dental Claims Processing Software brings new accountability and auditing capability to the claims process. The solution generates reports using an advanced system that is easily accessible, covering metrics that will show all work queues – including manual queues – and the volume of claims within them. Diverse forms can be extracted efficiently, and typically processed the same day the claim was received.

    Features & Benefits

    • Captures black dental forms, even those not designed for automated capture
    • Built with automation and validation to reduce overall labor and increase the accuracy of extracted data
    • Image enhancement module removes black lines on a form to identify the areas needed for extraction
    • Often able to export data with no manual intervention
    • Integrates easily with back-end database and line-of-business applications
    • World-class support and development that keeps up with legislative and user changes

    EMC Certified

    Having been built on the Captiva Capture platform, the ICS Dental Claims Processing Solution is an EMC Certified solution. EMC engineers have reviewed its architecture for functional completeness, performance, scalability, security, deployability, supportability, and interoperability with associated enterprise applications. EMC Certified solutions offer tight roadmap alignment with EMC platforms, generate a rapid return on investment, and replace expensive customizations.

ECM Toolbox AP Workflow

“The CASO/Fedcap team has been exceptional. They completed the work faster and cheaper than we could have, and have always accommodated our needs. It is a pleasure working with them.”

Richard Ajimati - SUNY Downstate Medical Center

Quick Downloads

Resources at your fingertips! Simply click any solution below to download a free PDF. Not seeing what you're looking for? Check out our Resource Center for additional information.

Data Sheet: Document ScanningDownload
Data Sheet: On-Site ScanningDownload
Case Study: SUNY Downstate Medical CenterDownload

Have Some Questions?

Fill out the form below to get in touch with us. We'll get back to you right away.