Regulatory Compliance / Health Insurance Portability and Accountability Act (HIPAA)

Requirement: Electronic personal health information (ePHI) must be protected against any reasonably anticipated threats or hazards.
JetSet Service: The data is housed in two separate Tier One data centers. Both the primary center and the secondary remote center are heavily secured. Redundant fail-safe systems protect the data in every step of the backup and storage process.

Requirement: Access to ePHI must be protected against any reasonably anticipated uses or disclosures that are not permitted or required by the Privacy Rule.
JetSet Service: The data is encrypted before transmission and is always maintained in an encrypted state. Access is restricted by password authentication.

Requirement: Maintenance of record of access authorizations.
JetSet Service: Access to data is date and time-stamped by user, providing a clear audit trail.

Requirement: If the data is processed through a third party (JetSet), entities are required to enter into a chain of trust partner agreement.
JetSet Service: JetSet enters into a Business Associate Agreement with the client, in which the parties agree to electronically exchange data and to protect the transmitted data. The Agreement states that the receiver of data (JetSet) is required to maintain the integrity and confidentiality of the transmitted information.


About HIPAA

The Health Insurance Portability and Accountability Act of 1996 imposes standards for the privacy and protection of all health information that can be linked to individuals. Health and Human Services (HHS) has published final HIPAA regulations that affect virtually every area of health-related organizations in the United States, from the one-physician office to hospitals, health systems, HMOs, health care support services, and others. Part of this act is focused on the secure storage and transmission of confidential patient data over computer networks. Privacy regulations were released in December 2000. They were made final on April 14, 2001, and went into effect in April 2003.

Non-compliance carries stiff civil and criminal penalties.

All health care organizations are affected in some way by HIPAA. The entities that are affected include all health care providers (even one-physician offices), health plans, employers, public health authorities, hospitals, life insurers, clearinghouses, billing agencies, information systems vendors, service organizations, and universities.

A broad definition of personal health information (PHI) includes all individually identifiable health information in ANY form or media, including subsets of health information such as demographics. The HIPAA privacy mandate defines who is authorized to access information (the right of individuals to keep information about themselves from being disclosed). HIPAA requires the ability to establish and maintain reasonable and appropriate administrative, technical, and physical safeguards to ensure integrity, confidentiality, and availability of the information.

Healthcare organizations are required to individually assess their security and privacy requirements and take suitable measures to implement electronic data protection (both while in transit and during storage).

If the data is processed through a third party (JetSet), entities are required to enter into a chain of trust partner agreement. This is a contract in which the parties agree to electronically exchange data and to protect the transmitted data. The sender and receiver of data are both required to maintain the integrity and confidentiality of the transmitted information, and each depends upon the other to do so.





