Security is one of the most important considerations when handling personal information of members and we take it very seriously at OTC Benefit Solutions. We are HIPAA compliant and strive to protect member data at all times. Here are a few of the most important security protocols that we have perfected from years of working with Health Plans to provide members with OTC products:
HIPAA training
All of our office personnel are trained in HIPAA regulations so that even if someone who is not directly involved with programs for our Health Care Plans comes across PHI, they know what it is and the proper way to protect member information.
Limiting access
Only a few key personnel have access to Personal Health Information (PHI) and only system administrators can access the server where the information is kept. With fewer ways to access information, there are less opportunities for unauthorized access or loss information.
Secure Disposal
We contract with a company for secure shredding of all sensitive paper documents, and this is all held in a locked bin with restricted access.
Locked cabinets for printed orders
All printed orders or member information is kept in locked cabinets and only accessed by those who need the information. This restricts access to just employees who should have the information.
Encrypted hardrive
All digital PHI is stored on a secured hardrive that has restricted access for just a few key employees. The hardrive is password protected and separated from our internal server. Compartmentalization of data and access helps us to protect PHI from anyone who doesn’t need to access it.
Passwords
All our terminals are password protected and they have a mandatory password change every 6 months to assure better protection for the long term. Our passwords are all generated by a secure password generator to make them less susceptible to password guessing or a brute force attack.