We ensures the confidentiality, integrity, and availability of PHI. It includes administrative, physical, and technical safeguards to protect against unauthorized access and ensure workforce compliance.
We implements procedures to manage risks, control access, train workforce members, resolve security incidents, and protect PHI during emergencies. This includes assigning security responsibilities and performing regular evaluations
Measures are in place to protect facilities and equipment housing PHI from environmental hazards and unauthorized access. This includes facility access controls, workstation security, and proper handling of devices and media containing PHI.
Technological measures are used to control access to PHI, ensure data integrity, and secure transmission. This includes access control mechanisms, audit controls, encryption, and authentication protocols.
We maintain Business Associate Agreements with subcontractors, ensuring HIPAA compliance. As required by the Security Rule, we retain documentation of actions, activities, and assessments.
The Security Official addresses complaints regarding policy compliance. NeuroReef Labs prohibits retaliation against individuals exercising their HIPAA rights or participating in compliance reviews and investigations.
Key terms related to HIPAA and PHI are defined. The policy is enforced through disciplinary actions, with regular reviews and audits to ensure ongoing compliance and effectiveness.
We maintain a contingency plan for emergencies affecting PHI. This includes data backup, disaster recovery, and emergency operation procedures to ensure the availability and integrity of PHI during unexpected events.
Procedures are in place to identify, respond to, and document security incidents involving PHI. The Security Incident Response Team (SIRT) handles incident logging, assessment, mitigation, and communication with relevant officials.