At Olympic we continue to expand our focus on the privacy and security practices governing the data we manage on our clients' behalf. We are an industry leader, implementing HIPAA initiatives well in advance of the required deadlines. Our approach to HIPAA as a quality improvement process has yielded many positive results and operational improvements.

The following are some of our recent accomplishments:

• Developed and implemented new policies and procedures governing the way health information is used, kept private, and secure.
• Reviewed and modified all employee access to electronic confidential health data on a role-based system.
• Educated all staff on the importance of privacy and security related to the data we manage.
• Integrated standard transactions, as well as comment and reason code sets, into existing system configuration and processes.
• Purchased and implemented translation tool, enabling successful testing of standardized inbound and outbound transaction files, with achievement of Claredi certification of all applicable inbound and outbound transactions.
• Developed and implemented versatile procedures to process either standard transactions or current NSF formats (pursuant to CMS announcement in September, 2003 to NOT penalize providers or plans that continue to utilize non-standard transactions).

Olympic routinely conducts an audit of external data sharing to ensure all shared data meets the minimum necessary standards set forth in HIPAA, and that our security practices meet or exceed HIPAA requirements.

Olympic remains committed to strengthening and improving our privacy and security program to better support our clients and meet the requirements of HIPAA and all related regulations.