STATEMENT OF HIPAA COMPLIANCE
THIS STATEMENT OF HIPAA COMPLIANCE (“Compliance Statement”) is dated 6.15.2014 by Health Gorilla, Inc. DBA Health Gorilla Inc. (“Company”).
The Company is committed to protecting the privacy of Protected Health Information in accordance with HIPAA. The HIPAA regulations applicable to Company include the Standards for the Privacy of Individually Identifiable Health Information (the “Privacy Standards”), the Security Standards for the Protection of Electronic Protected Health Information (the “Security Standards”) and the requirements for Breach Notification for Unsecured Protected Health Information (the “Breach Notification Standards”). All of these regulations establish requirements with respect to Company’s use and disclosure of Protected Health Information.
HIPAA is not the only law governing Company with respect to patient privacy. Company’s policy is also to comply with state laws and other federal laws governing patient privacy, to the extent those laws are not preempted by HIPAA and to the extent applicable to Company.
Company has adopted this HIPAA Compliance Program (the “Program”), consisting of approximately thirty one (31) policies and procedures (collectively, the “Privacy Policies”) and an additional and separate forty two (42) policies and procedures relative to security of EPHI (collectively, the “Security Policies”), to assure its compliance with the Privacy Standards, the Security Standards and the Breach Notification Standards and applicable state laws governing privacy, to the extent such state laws are not preempted by HIPAA. Recognizing that conducting the Program is an evolving process, Company may, from time to time, implement other policies and procedures, and may modify existing policies and procedures, to reflect its commitment to patient privacy and compliance with HIPAA.
The Program is a detailed and specific set of policies and procedures with which all Company personnel who use, disclose or access Protected Health Information must comply. The Program, and other information pertaining to Company’s protection of patient privacy, may be subject to inspection by the Secretary of HHS for the purpose of monitoring compliance with HIPAA.
Our Workforce members are trained to comply with the Program, will immediately report any potential violation of the Program to the Privacy Officer, and assist other Workforce members and authorized outside personnel to investigate any alleged violations. Questions about this program should be directed to our Privacy Officer directly via 844.446.7455 or via firstname.lastname@example.org.
IN WITNESS WHEREOF, the Company has executed this Compliance Statement on the date first set forth above.
HEALTH GORILLA, INC.
Learn more about our HIPAA Compliance.