HIPAA Policy - Brina Medical

BRINA MEDICAL US LLC and HIPAA Compliance

BRINA MEDICAL is committed to protecting the privacy and security of Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA). This statement outlines our commitment to HIPAA compliance, particularly in relation to the distribution of our products and services to healthcare practitioners.

Our Commitments:

Business Associate Agreements (BAAs):
We will execute Business Associate Agreements (BAAs) with our healthcare practitioner clients when we are deemed to be a Business Associate, ensuring we have a legal framework for the secure handling of PHI.

Data Security:
We employ appropriate technical, physical, and administrative safeguards to protect PHI from unauthorized access, use, or disclosure. This includes, but is not limited to, data encryption, access controls, and security awareness training for our employees.

Limited Disclosure:
We will only disclose PHI to the extent necessary for the provision of our products and services, and only with proper authorization or as otherwise permitted by HIPAA.

Training and Education:
Our employees are trained on HIPAA regulations and privacy practices, including how to handle PHI securely.

No Selling PHI:
We do not sell or share PHI with third parties for marketing or other purposes, except as authorized by the patient or as required by law.

Data Breach Notification:
In the event of a data breach involving PHI, we will comply with HIPAA’s notification requirements.

Your Responsibilities as a Healthcare Practitioner:

BAA Execution:
As a healthcare practitioner, you are responsible for entering into a BAAs with us if we are deemed a Business Associate.

Security Measures:
You are responsible for implementing appropriate security measures to protect PHI in your practice, including physical and technical safeguards.

Compliance with HIPAA:
You are responsible for complying with all applicable HIPAA regulations, including those related to the use, disclosure, and protection of PHI.

Reporting Violations:
You are responsible for reporting any suspected HIPAA violations to our designated Compliance Officer.
This statement is provided for informational purposes only and does not constitute legal advice. For specific questions regarding HIPAA, please consult with legal counsel.