VATRIX HIPAA Compliance
This page provides an overview of VATRIX's HIPAA compliance.
If a customer is a Covered Entity or a Business Associate as defined under the Health Insurance Portability and Accountability Act (HIPAA) and will use VATRIX services to create, receive, transmit, or maintain PHI, the customer must request a Business Associate Agreement (BAA) from VATRIX. In that situation, VATRIX will act as a Business Associate, and it will manage its HIPAA obligations accordingly.
The VATRIX BAA further outlines the respective HIPAA obligations of both VATRIX and the customer.
Please note that the customer is ultimately responsible for determining their organization’s overall compliance with HIPAA.
HIPAA Compliance According to Health and Human Services
- Implementing written policies, procedures and standards of conduct.
- Designating a compliance officer and compliance committee.
- Conducting effective training and education.
- Developing effective lines of communication.
- Conducting internal monitoring and auditing.
- Enforcing standards through well-publicized disciplinary guidelines.
- Responding promptly to detected offenses and undertaking corrective action.
Frequently asked questions
What is HIPAA?
HIPAA, or the Health Insurance Portability and Accountability Act, was enacted in 1996 to create national standards that healthcare providers and insurance providers must follow to keep sensitive patient information and medical records private.
Why does VATRIX have HIPAA Compliance?
Businesses that use VATRIX services to transmit PHI (protected health information) must follow HIPAA standards.
Who is responsible for following HIPAA?
The ultimate responsibility for HIPAA compliance rests with the VATRIX customer, not VATRIX. Please contact us to request a Business Associate Agreement if your business requires one.