HIPAA and Privacy Policy

How Mind Your Skin in Havertown and Philadelphia handles Personal Protected Information including Protected Health Information and Financial Data

PROTECTED HEALTH INFORMATION

The Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA, is a series of regulatory standards. They outline the lawful use and disclosure of protected health information (PHI).  The Department of Health and Human Services (HHS) regulates HIPAA compliance. The Office for Civil Rights (OCR) enforces it.

Through a series of interlocking regulatory rules, health care organizations must implement HIPAA compliance into their business in order to protect the privacy, security, and integrity of protected health information.

What is Protected Health Information?

Protected health information (PHI) is any demographic information that can be used to identify a patient or client. Common examples of PHI include names, addresses, phone numbers, Social Security numbers, medical records, financial information, and full facial photos to name a few.

Mind Your Skin HIPAA Privacy Policy

FINANCIAL DATA

PCI DSS certification

This process ensures the security of card data at our business through a set of requirements. PCI SSC establishes these rules. This includes a number of commonly known best practices, such as:

• Installation of firewalls and dedicated circuits
• Encryption of data transmissions
• Use of anti-virus software
• Monthly vulnerability scans
• No storage of full credit card information

This ensures restricted access to cardholder data and monitoring of access to network resources.

PCI-compliant security provides a valuable asset that informs our customers our business is safe to transact with, whether in-person, over the phone or at our web-store.