If you’re a healthcare organization of any kind, you’re no doubt familiar with the ins and outs of the Health Insurance Portability and Accountability Act, or HIPAA. There are many aspects to this piece of legislation that make becoming and remaining HIPAA compliant no idle task. One of the most important rules is the Privacy Rule.
The Privacy Rule protects all “individually identifiable health information” held or transmitted by a Covered Entity or its Business Associate, in any form or media, whether electronic, paper or oral. The Privacy Rule calls this information Protected Health Information (PHI). PHI can include many common identifiers such as patient names, addresses, contact information, birth dates, Social Security numbers, medical history and more. Even parts of names or a license plate number can be considered PHI, since this information could be used to identify a patient.
Nearly everyone in the healthcare field is considered a “Covered Entity” and needs to follow HIPAA requirements. “Business Associates” are entities that provide third-party services to Covered Entities in which they will encounter PHI. These are your cloud storage services, IT contractors, payroll and accounting providers and yes, even your mileage tracking and reimbursement software.
Apps that record information for healthcare workers inevitably store PHI, whether they’re tracking expenses, trips or other activities. In order for your mileage reimbursement solution to be HIPAA compliant – and by extension, your organization – third-party service providers must sign a Business Associate Agreement (BAA). A BAA is a written contract that specifies each party’s responsibilities when it comes to PHI.
CompanyMileage is HIPAA Compliant
CompanyMileage is dedicated to maintaining levels of security and compliance that meet or exceed the standards set by HIPAA. In accordance with the technical, physical and administrative standards of the HIPAA Security Rule, CompanyMileage encrypts data to NIST standards, uses secure logins and PINs, maintains secure servers and regularly monitored internal firewalls, and ensures through proper policies and procedures that PHI remains protected. A key part of these policies and procedures is the BAA we sign with every CompanyMileage client in the healthcare industry.
We’re happy to sign a Business Associate Agreement whenever necessary, but would all payroll and expense management companies say the same?
Secure Expense Reimbursement Management
Fortunately, CompanyMileage is ready and willing to provide a HIPAA-compliant mileage reimbursement solution. The best part? We seamlessly integrate with all major accounting and payroll systems, including these:
- Financial Edge
- Great Plains
Take control of your mileage reimbursement. Contact CompanyMileage today for a demo!