How ihakimi is compliant with the Health Insurance Portability and Accountability Act (HIPAA)

• Our core business operations involve the regular and systematic monitoring of covered entities on a large scale √

• Our services are designed and updated to be fully compliant with the HIPAA rules and standards √

• We have the complete responsibility to protect our customer’s data using the required technical techniques and legal agreements √

• We have a strong data protection policy which guides all the employees in how to keep protected data secure √

• We have a clear policy for our customers to exercise their rights regarding their protected information √

• We have implemented all policies, procedures, and standards of conduct that ensure that employees are informed of in the case of a violation √

• We have implemented all required technical and organizational measures to be compliant with the HIPAA obligations √

• We have implemented all required administrative, technical, and physical safeguards to monitor the use or disclosure of information that many contain protected health information (PHI) √

• The protected information of our customers that may contain health information is being saved and processed via high-security techniques √

• We maintain Business-Associate security standards that are mandatory to store, process or transmit Personal Data that provides a baseline of control expectations for the evaluation of each Business-Associate, conformance and risk acceptance based on the nature of the Business-Associate relationship. Each Business-Associate is required to sign contracts (BAA) that ensure the same level of protection to ihakimi as ihakimi obligations to Customer √

• A data protection consultant has approved our company’s compliance with the HIPAA √