misResultados operates a network which facilitates the electronic transmission of clinical test results from the Clinical Laboratory to our repository of health information. This service allows to you and to your health care provider, access and manage your information in a fast, safe and effective way. Through misResultados network, Clinical Laboratories in Puerto Rico made available information of the patient clinical test results, so health care providers, authorized by the patient, and the patient himself, have access to health information.
The information that you have access to should not be used as a replacement or in place of a visit, call, query with or the council of your health care provider or medical attention. misResultados does not recommend self-diagnosis or self-management of health problems. If you have any questions regarding your health information or health care, you should diligently call or consult your physician or other health care provider. You, as a patient, should never ignore the instructions of your health care provider. Nor should you delay in reporting information related to your health status or seeking medical opinion and / or treatment because you have read or accessed information on this site.
Unlike a health care provider or health plan, misResultados are not regulated by the Health Insurance Portability and Accountability Act (HIPAA), the federal law that sets the rules for the confidentiality of patient health information. As an exception, if "misResultados" offers services to any health care provider or health plan, then it is required to comply with certain part of the Privacy Rule and with the HIPAA Safety Rule, as amended.
Our primary relationship is with you, the patient-user. Under the HIPAA Privacy Rule, as amended, you have the right to obtain a copy of your health information and / or health record. If you choose to use misResultados, we will help you store and manage your health information online.
The participating clinical laboratory has informed the patient about the Practices of Privacy that are instrumented in the clinical laboratory. These practices express that the HIPAA Privacy Rule, as amended, allows the patient’s health information to be used and disclosed for Treatment, Payment and Health Operations purposes, which is permitted to the extent necessary without Need for express authorization of the patient, and informs that the use and disclosure can be done by electronic means.
To the network of misResultados, health information may be required from the public health authorities, on behalf of the health care provider. These transmissions may cause a request and the authorization of the covered entities to be made to a missionary who tests the health information transmission services. Just as they have executed these transmissions, as required and permitted by applicable law, health insurers in relation to their insured members.
By accessing our portal and your health information, you provide misResultados with the authorization to manage and safeguard your health information. The authorization you give to misResultados is independent of the consent or authorization you give to your health care provider. The authorization you provide to us to safeguard your information may be revoked when you so determine.
Maintaining the privacy and security of the personal and health information that is transmitted and protected through the misResultados network is of vital importance to us. misResultados has implemented appropriate privacy safeguards to prevent the use or disclosure of personal and health information in an unauthorized manner and in contravention of the prohibitions that HIPAA, as amended, provides. misResultados has implemented reasonable and adequate administrative, physical and technical security safeguards to maintain the protection of the confidentiality, integrity and availability of health information in our database and through our network.
misResultados continuously works to maintain the highest standards of security in the provision of its services. Our participants, health service providers, can only connect to the network of misResultados if they comply with the technical and security requirements in their information systems. These requirements are requested by misResultados so that they can be part of the network. This effort, which in contractual circumstances is a condition, promotes the ability of our participants-providers of health services to be compatible with our security policy. The technical and safety capacity that our health care providers must mention is related to the origin and transmission of the electronic report or result of clinical tests. This process promotes that the information systems that connect to our network work in accordance with and in compliance with the accepted norms of the health industry. It also promotes working in compliance with federal government standards for the electronic exchange of health information among health care providers.
At misResultados we believe that the health information belongs to you, so you have the right to decide where your health information is kept. misResultados explains below how we keep your data secure and private.
- Your health information is stored in your account and other users cannot access it;
- You decide to give access to your account to whom you deem necessary, and you can revoke that access at any time;
- You can request a report from misResultados about who has accessed your account;
- You decide even when we store your health information, so by notifying your decision, we proceed to delete it from our database, in compliance with the protected health information destruction standards;
- We use and implement the security standards required by the HIPAA Safety Rule so that your information is secure.
To guarantee the previous statement, at misResultados we use applications (software), technological infrastructure (hardware) and strict policies to keep your health information safe and private.
The database that maintains the health information of the patient-user using our services is protected by state-of-the-art security systems, including Secure Socket Layer (SSL) encryption, firewalls, alarms and other technologies which we consider convenient to use. We have backup systems to protect the integrity of this information. Our servers are protected and guarded in a physical structure suitable for it. In addition, this structure has access and security controls that complement physical security, such as access codes, physical-structural locks and security personnel, among others.
There are also procedural safeguards to protect the health information that you, as patient-users store with us. Our staff is obliged to comply with strict non-disclosure policies to third parties, either within our organization, between participating providers and outside it, under penalties and / or civil claims or criminal prosecutions.