HIPAA Compliance Information

What is HIPAA?

HIPAA stands for the Health Insurance Portability and Accountability Act. The purpose of HIPAA is to ensure the privacy and security of patient protected health information (PHI). The HIPAA regulation consists of three main rules: the HIPAA Privacy, Security, and Breach Notification Rules.

Each of these Rules has a specific purpose and requires organizations to implement policies and procedures to ensure adherence.

  • HIPAA Privacy Rule: dictates the proper uses and disclosures of PHI

  • HIPAA Security Rule: requires organizations to implement measures to ensure the confidentiality, integrity, and availability of PHI

  • HIPAA Breach Notification Rule: requires organizations to report breaches that affect PHI

A great resource to use for becoming compliant is a HIPAA compliance checklist. However, we strongly recommend that you keep up with HIPAA regulation changes and that you work with a qualified attorney and/or HIPAA compliance professional to ensure compliance.

HIPAA Security

The HIPAA Security Rule requires that we implement safeguards to keep protected health information (PHI) secure. To meet our security requirements, we implement administrative, technical, and physical safeguards. Some of these measures include encryption, user authentication, access controls, audit trails, data backup, and disaster recovery.

Do You Sign BAAs?

Yes, we are HIPAA compliant and will sign a Business Associate Agreement, which requires us to use specific safeguards to protect your data.

We supply BAAs with every contract. You can also email your organization’s standard signed BAA to us at info@targetcontinuum.com. We will review it, and assuming everything looks good, we will sign it and replace the BAA on file for your account.

It is important to note that, while we are HIPAA compliant, you are responsible for your own HIPAA compliance program and how you use it. Learn more about Business Associate Agreements.

Why Do I Need a BAA?

Without a signed Business Associate Agreement (BAA), our service cannot be used in compliance with HIPAA. This is because, as a HIPAA Business Associate contracted by your organization, we have the potential to access protected health information (PHI). HIPAA requires us to have a signed BAA in place with you before you can use our service.

What is the HIPAA Seal of Compliance?

There is no official certification of HIPAA compliance, but we partnered with a third-party company to ensure we are doing everything right and, after completing their program, received their Seal as proof of our good faith effort. The Seal of Compliance verifies and validates our efforts to comply with HIPAA. 

To verify our compliance click here or on the Seal.

Do We Conduct a Security Risk Assessment?

Yes, as a Business Associate, we are required to conduct an annual security risk assessment (SRA) as part of our HIPAA compliance. SRAs identify deficiencies in security practices, allowing us to implement measures to improve our security and prevent breaches. Learn about Security Risk Assessments.
