Cascades Women's Health - HIPAA Compliance Statement

Cascades Women's Health - HIPAA Compliance Statement

The Health Insurance Portability and Accountability Act became law in August 1996. Known as HIPAA, it was designed to set in motion a series of widespread measures focused on simplifying the processing and distribution of medical information, improving the portability of health insurance, giving patients access to medical information, and protecting patient data that is stored, processed, or transmitted across public networks.

What’s a "HIPAA-compliant" Web Site?

A Web Site that is "HIPAA-compliant" is one that provides the physical and technological security measures required to ensure that any patient information, physician-patient correspondence and other sensitive information remains secure, confidential and unable to be digitally intercepted or otherwise accessed by outside parties. In short, a "HIPPA-compliant" Web Site means all required steps have been taken to keep private information private – It’s a "safe" Web Site.

Is a Web Site "safe?"

Yes. Because each physician-practice Web Site can provide a suite of patient services, wherein patients routinely communicate private information to your office and receive a multitude of services from you online, we have ensured that each Web Site complies with all current HIPAA guidelines. We are pleased to reassure our physician-clients that our Internet security measures are continually updated and monitored and that each patient service transaction is protected and safe.

NOTE: Secure pages (https:) will display a "lock" on your browser window indicating that all the information submitted through that page is encrypted and protected.

How is the information is protected?

There are a number of ways we ensure the security of your information…

Encryption. We exercise great care in providing secure transmission of your information from your computer to our servers. When you transmit personal information to us, we encrypt it using Secure Socket Layer (128 bit SSL), the industry-standard encryption technology. Encryption provides a secure means to protect your information as it passes over the Web to our servers.

Firewalls. Our servers and other technical infrastructure are protected from network intrusion using firewalls and other means.

Internal Access. Our employees and contractors have occasional, legitimate needs to access our data servers for purposes of system troubleshooting and maintenance. We ensure that such access is granted only to those who have such needs. All such individuals have signed confidentiality agreements with and are continually made aware of their obligations regarding user information. Access is controlled via pre-assigned user accounts that require multiple levels of authentication. All staff members are periodically trained regarding security protection of their personal workstations.

Physical Site Security. The facilities that house our servers, network devices, backup data storage media, and other equipment and information are physically secured and attended. Access is strictly limited to only those individuals who require it for a legitimate purpose.

Policies and Procedures. We continuously evolve and update our internal information security policies and our business continuity and disaster recovery plans. We perform risk assessment, security audit, and system test activities on an ongoing basis. Our employees and contractors receive frequent training and/or reminders regarding information security and protecting the confidentiality of your information.

Standards and Regulations. We are committed to meet or exceed regulatory and industry self-regulatory guidelines regarding privacy, confidentiality, and information security. On an ongoing basis we will review and adapt to statutes, regulations, formal private-sector standards, and informal policy guidelines as they apply. In particular, we will comply with all applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA) rules for information security as those take affect.

User Passwords. If you register with us, your personal information is password-protected, so only you have access to it. It is your responsibility to ensure the security of your User ID and password. If you believe this security has been violated, please contact Account Services by e-mail at, or by phone, toll-free, at 1.888.440.6937 within the United States.

All TopicsAIDSAlcoholAllergyAlzheimer''s DiseaseArthritisArtificial InseminationAsthmaBaby NameBirth ControlBirth DefectsBladderBlood DisordersBreast CancerBreastfeedingCancerCaregivingChildrenCholesterolConceptionDepressionDiabetesDigestionDiseases and ConditionsDivorceDrug AbuseEating DisordersEmergencyEndocrineEnvironmentExerciseFamiliesFathersGene TherapyGeneral GynecologyGeneral HealthGlaucomaGrandparentsGriefHIVHPVHRTHeadachesHealthcareHeart AttackHeart DiseaseHepatitisHypertensionImmunizationsInfectious DiseaseInfertilityJob OpportunitiesKidneyLabor and DeliveryManaged CareMedical ProceduresMedication UseMenopauseMenstruationMental HealthMind and SpiritMiscarriageMouthMuscleNoseNutritionObesityOsteoporosisOveractive BladderParasitesParentingPediatric GynecologyPetsPregnancyPreventionRecallsRecipesRespiratorySIDSSTDsSafetyScreening TestsSexualityShoppingSkinSmokingStressStrokeTeethThroatThyroidTravelVitamins and SupplementsWeight LossWomenWork

*The recommendations and information provided by this Web site are for educational

purposes only. This Web site does not contain comprehensive coverage of

the topics addressed, and is not a substitute for direct consultation

with your health care provider. Always consult a health care provider regarding your

specific condition. Trademarks referred to are the property of their respective