We implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the PHI we handle.
Risk Analysis and Management
We conduct regular risk analyses to identify potential risks to PHI and implement security measures to reduce these risks to acceptable levels.
Training and Awareness
All our employees undergo comprehensive training on HIPAA regulations and understand their roles in protecting PHI.
Business Associate Agreements (BAAs)
We fully support the rights of individuals under GDPR, including the right to access, correct, delete, and restrict processing of their data, the right to data portability, and the right to object.
Incident Response and Reporting
We implement appropriate technical and organizational measures that ensure and demonstrate that we process personal data in compliance with GDPR. This includes measures to protect data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
Access Controls
We implement strict access controls to ensure that only authorized personnel can access PHI, based on the principle of minimum necessary use.
Locally hosted data
We prioritise data sovereignty by ensuring all our data is locally hosted within the United States. This practice enhances data security and speed, while also ensuring compliance with US data protection regulations.