Privacy & Security
Eastern New York’s Most Secure Health Information Exchange
Hixny prides itself on being ahead of the crowd, and there’s no exception when it comes to keeping protected health information (PHI) private, safe and secure.
Privacy and Security
As a health information exchange (HIE), Hixny complies with the many rules and regulations set forth by New York State and the federal government that govern the exchange of medical information. Hixny additionally complies with voluntary safety and security protocols in an effort to remain the most secure HIE in eastern New York.
- HIPAA Privacy Rule
- HIPAA Security Rule
- HIPAA Breach Notification Rule
- 42 CFR Part 2
- SHIN-NY Privacy and Security Policies and Procedures for Qualified Entities and Their Participants
- Minimum Acceptable Risk Standards for Exchanges (MARS-E)
- NYS Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500)
- NYS Shield Act
- EHNAC’s Privacy and Security framework
- HITRUST’s Common Security Framework (CSF)
In 2018, Hixny’s system was among the first health information exchanges (HIEs) in New York to be certified by the Health Information Trust Alliance (HITRUST), the group of healthcare, business, technology and information security leaders that oversees the best practices and regulatory standards called the Common Security Framework (CSF).
The goal of the CSF is to ensure the confidentiality, integrity and availability of private data, including PHI. In fact, it could be described as a universally accepted blueprint for keeping information out of the hands of the wrong people.
Read more about what HITRUST and CSF mean for you and for Hixny.
Hixny continually audits user activity to ensure compliance with policies and procedures that have been put in place to protect and secure patient data.
Request access to our user audit reports.