ConduitOffice.com and all related subsidiaries do not anticipate disclosing any individually identifiable information in the normal course of providing services. When Protected Health Information (PHI) is made available to, or obtained by ConduitOffice.com, we do hereby assure our customers that we will:
- Comply with the rules and regulations concerning the privacy and security of PHI under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
- Require the utilization of a Business Associate Addendum (BAA), in the event that confidential information will be disclosed. This addendum may be provided by PME upon request.
- Not use or disclose any PHI except in the course of meeting our contractual obligations or as required by law.
- Ensure that agents or subcontractors working on our behalf agree to the same restrictions.
- Protect against any non-permitted use or disclosure of PHI using no less than a reasonable amount of care.
- Report any non-compliance of which we become aware.
- At the request and direction of the customer and if feasible, make available PHI in accordance within the requirements of HIPAA.
- Upon reasonable notice and during normal business hours, allow the Secretary of the United States Department of Health and Human Services the right to audit our records and practices related to the use and disclosure of PHI to ensure compliance.
- Have named a HIPAA Security Official who creates, maintains, and trains regarding our HIPAA policies and procedures.
- Have established that all employees with access to PHI receive training on our policies and procedures according to HIPAA mandates.
If you have questions or would like additional information regarding our privacy practices, please e-mail support@brightree.com.
For your reference, the main policy link to the main HIPAA website is http://www.hhs.gov/ocr/hipaa/.
