ESI Healthcare Business Solutions LLC (ESI) understands the importance of both the sensitivity of the information that the company receives, transmits, and stores regarding patients and the moral, legal and ethical responsibility for maintaining the privacy of the information. This Protected Health Information (PHI) is covered under the HIPAA statutes administered by the Office of Civil Rights and ESI makes every effort to ensure not only strict compliance with the regulations, but also to safeguard our data above and beyond the statutory requirements.
Under HIPAA, ESI is classified as a ‘Business Associate’. ESI typically does business with ‘Covered Entities’, but in some instances the company also deals with other Business Associates. As a Business Associate, we must safeguard PHI and ensure that it remains confidential. We are prohibited from disseminating PHI to unauthorized users and we are responsible for the data when it is in our control.
If we were to accidentally release any PHI, we are responsible for notifying the Covered Entity and the individuals affected.
Covered Entities must have HIPAA language in their Business Associate contracts. ESI has agreed in our Business Associate agreements to be in compliance will all state and federal laws, including HIPAA, and that we will meet or exceed the minimum standards in safeguarding PHI.
The information below describes how ESI handles PHI for our products:
Contract Administration Payment Solutions (CAPS) – ESI receives PHI from Covered Entities and provides claim adjudication information to the Covered Entities. PHI is securely sent and received. Only those individuals who work with the data have the ability to access the data. All desktops and laptops are encrypted. We do not share this data between different non-related Covered Entities, and provide detailed reports that contain PHI and other summarized reports that do not contain PHI. Those containing PHI are only sent to authorized users.
Pharmacy Products – ESI Rx HistoryTM is the only pharmacy product whereby ESI retrieves, stores and transmits PHI. This service allows authorized healthcare providers to access a patient’s medication history at the point of care. ESI retrieves this information from data stored in databases from several different pharmacy sources, consolidates the information and returns the medication history information to the requesting healthcare provider in a consistent format. Providers must attest that they have patient consent to retrieve the medication history before any action is taken to obtain medication history.
Access to your information and complaints:
ESI Healthcare Business Solutions LLC
Attention: Privacy Office
4144 N. Central Expressway, Suite 210
Dallas, TX 75204