HIPAA Compliance

CoagTrak® provides headache-free data security and privacy for your anticoagulation management system. With CoagTrak®, you'll have complete peace of mind knowing that all your actions are fully HIPAA compliant and secure. Our solution seamlessly incorporates HIPAA compliant security and privacy measures. And, more importantly, HIPAA compliance is built into the anticoagulation management system.


Effective April 2005, HIPAA now mandates security measures to (1) physically AND electronically secure electronic protected health information (PHI) against unauthorized retrieval, (2) reliably store the electronic data, and (3) provide for emergency access to the data. CoagTrak® already has systems in place to meet these stringent security requirements.

Consider a traditional software system, with a server and data right in your office. Under the new Security Rule, you'll be responsible for protecting your computer-stored patient data from both physical access (break-ins, disgruntled employees, etc.) and electronic access (firewalls, complete network and user security, etc.). This presents a great challenge for small and large practices alike, on top of the regular headaches of managing backups, software installs, and more. Then add backup and reliability issues, considering that some 40-50% of all in-office tape backups fail to restore properly. It's a nightmare waiting to happen.

CoagTrak® offers a full-service secure data management solution that removes all of the above hassles and enables much easier HIPAA compliance for your office at the same time. We store all of your electronic data in multiple world-class datacenter facilities that feature 8 levels of security measures, including biometric access, bulletproof glass, 24-hour monitoring and patrolling, locked server cages, state-of-the-art firewall protection, and NSA-approved procedures and policies.

In addition, CoagTrak® also provides a robust backup system that gives you peace of mind regarding your backup and disaster-recovery planning. Your data is backed up securely at the close of each day. Every backup is also verified to restore correctly.

Other tools CoagTrak® provides to assist you in your Security Rule compliance:
  • Secure transfer: CoagTrak® uses powerful SSL 128-bit or 256-bit (depending on the browser) encryption to safeguard the electronic transfer of all data - the same level of security as bank and Federal transactions.
  • Automatic logout: The Security Rule includes requirements that users be automatically logged out after a period of time, to prevent unauthorized access of patient records. This feature comes standard with CoagTrak®.
  • User logging: CoagTrak® automatically tracks all users logging into and out of the system for reference by a system administrator.
  • Audit trail: The system permanently tracks any changes made to PHI and tracks views to the PHI, so those changes can be reviewed at any time by a system administrator.

Privacy regulations protect the confidentiality of the patient's individual medical information with respect to others. These privacy regulations apply to all PHI - paper, verbal and electronic. Once any information that may reveal a patient's identity is added to a document and that document is stored or electronically transmitted, the privacy provisions are in force.

CoagTrak® offers some key privacy tools for our clients:
  • User roles: The system restricts access to PHI based on administrative rights and user roles, so that the electronic information is revealed only to those whom you authorize.

In addition, CoagTrak® is allowed to access and use PHI only as needed to deliver our contracted services to our provider clients. This includes secure storage of patient data, and access to that data as needed to perform support and consulting services requested by our clients. Our in-house support teams have strict guidelines and policies on the confidentiality of PHI and its immediate destruction once the specific support or consulting service is complete.

Our HIPAA Relationships

Medical providers are, of course, designated as "Covered Entities" under the regulations. Those covered entities are responsible to ensure that their agents and business partners meet certain obligations with respect to privacy and security.

As the HIPAA regulations continue to change and various deadlines arrive, CoagTrak® will continue to lead the way in providing the best tools to help you meet your HIPAA obligations.

HIPAA is a very detailed piece of legislation, and the information presented here should not be considered a legal opinion. The reader should consult legal counsel to obtain a legal opinion or other information required by their individual circumstance.