POCKETALK 21-832-181 HIPAA Compliant Handheld Translation Device Instructions
- June 5, 2024
- POCKETALK
Table of Contents
POCKETALK 21-832-181 HIPAA Compliant Handheld Translation Device
Instructions
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a U.S. federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information (ePHI) that is created, received, used, or maintained by a covered entity..The general requirements of the HIPAA Security Rule standards state that covered entities must:
- Ensure the confidentiality, integrity, and availability of all ePHI
- Detect and safeguard against anticipated threats to the security of ePHI
- Protect ePHI against anticipated impermissible uses or disclosures
- Certify compliance by their workforce.
When using Pocketalk for translation, ePHI is processed in real time through the Pocketalk translation engines, which consist of speech-to-text (transcription), translation, and text-to-speech processes. For Pocketalk Center users, ePHI is stored in Pocketalk Center.The services provided to healthcare customers by Pocketalk and Pocketalk Center are designed to facilitate HIPAA compliance by covered entities.Please see the following chart, which lists certain requirements of HIPAA (with the statute’s section number(s) referenced) and notes how Pocketalk supports the particular requirement.
Technical Data
Administrative safeguards| 164.308(a)(1)(ii)(c)
164.308(a)(2)
164.308(a)(5)(ii)(B)
| We have appointed a Chief Privacy Officer.
---|---|---
Physical safeguards| 164.310(a)(1)
164.310(a)(2)(i)
164.310(a)(2)(ii)
164.310(a)(2)(iii)
164.310(a)(2)(iv)
| We use cloud services that are compliant with HIPAA, and strictly manage
access and maintenance of the data center and its equipment.
Technical safeguards| 164.312(a)(2)(i)
164.312(a)(2)(iii)
164.312(d)
164.312(e)(1)
164.312(e)(2)(i)
164.312(e)(2)(ii)
| We assign IDs to each individual accessing the relevant information systems and access is controlled with user authentication.
Access to the database specifically is controlled using SSH authentication.
HTTPS protocol is used on both Pocketalk and Pocketalk Center, and the ePHI
that is transmitted is encrypted.
Pocketalk uses “speech-to-text, translation, text-to-speech” for its
translation, but only utilizes external services that are in compliance with
HIPAA.
Subpart E –
privacy of individually identifiable health information
| 164.502(b)
164.522(a)(1)
164.524(a)
164.524(b)
164.524(c)
164.530(a)
164.530(d)
164.530€
| Pocketalk Center manages data per user. Accordingly, the individually identifiable ePHI can be accessed securely at any time.