HIPAA Compliance Statement
The Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act defines policies, procedures, and processes that are required for companies that store, process, or handle electronic protected health information (ePHI).
As a healthcare technology company, Arriba Data Systems, LLC (hereinafter "Arriba") is committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and all related regulations to safeguard protected health information (PHI).
Arriba recognizes the importance of protecting the privacy and security of PHI, and has implemented comprehensive policies, procedures, and safeguards to ensure that all PHI is handled in accordance with the HIPAA Privacy, Security, and Breach Notification Rules.
Arriba's workforce members are trained regularly on HIPAA compliance, including the importance of maintaining the confidentiality, integrity, and availability of PHI. Arriba has implemented physical, technical, and administrative safeguards to protect PHI from unauthorized access, use, disclosure, or destruction.
Arriba has designated a HIPAA Privacy Officer and HIPAA Security Officer who are responsible for overseeing the company's compliance with HIPAA regulations. In the event of a breach of PHI, Arriba will promptly investigate and notify affected individuals and the Department of Health and Human Services, as required by HIPAA regulations.
Arriba maintains business associate agreements (BAAs) with all applicable vendors and contractors who may have access to PHI. These BAAs outline the obligations and responsibilities of each party to ensure the protection of PHI.
Arriba is committed to continually improving its HIPAA compliance program and will review and update its policies and procedures as necessary to remain compliant with all HIPAA regulations.
Arriba Data Systems, LLC takes its responsibility to protect PHI seriously and is dedicated to ensuring the privacy, security, and confidentiality of all PHI entrusted to its care.
This statement is effective as of 1, July 2022.
Electronically signed.
Jerrold Garrard
Principal and General Manager