HIPAA Compliance

HIPAA Compliant

We meet the requirements of HIPAA Security and Privacy Rules

Our HIPAA Commitment

Health Vault is designed to be HIPAA-compliant for users who need to store Protected Health Information (PHI). We act as a Business Associate to covered entities and individuals.

HIPAA Safeguards We Implement

Administrative Safeguards:

Security management process
Workforce security training
Information access management
Contingency planning

Physical Safeguards:

Facility access controls
Workstation security
Device and media controls

Technical Safeguards:

Access control (unique user IDs)
Audit controls (detailed logs)
Integrity controls (no improper modification)
Transmission security (encryption)

Business Associate Agreement (BAA)

We offer BAAs to covered entities and healthcare organizations. The BAA ensures:

Appropriate safeguards for PHI
Reporting of security incidents
Compliance with HIPAA rules
Return/destruction of PHI upon termination

Request a BAA:

Email: hipaa@healthvault.com

Breach Notification

In the event of a breach of unsecured PHI, we will notify affected individuals and the Secretary of HHS as required by HIPAA regulations.

Your Rights Under HIPAA

Access your health information
Request corrections
Request restrictions on use/disclosure
Request confidential communications
Receive an accounting of disclosures