HIPAA Compliance

Our Standards Are Not Standard.

Because data integrity and security are top priorities at Healthcare Horizons, we maintain exceptional administrative, technical and physical safeguards to protect the confidentiality, integrity, and accessibility of protected health information (PHI) consistent with the requirements of HIPAA policies. We safeguard PHI against intentional and unintentional non-permissible uses and disclosures by utilizing the following measures.

  • A HIPAA-compliant, outsourced data center performs managed hosting services with multi-level authentication requirements for servers, including secure token encryption.
  • Our laptops are secured with full drive encryption with programmed time-outs.
  • We accept data submitted via the use of secure, encrypted email, as well as, data transmitted via secure FTP or HTTP protocols or secure file transfers.
  • We also accept data provided on CD, DVD, or USB media types. Data should be submitted in an encrypted format, not just password protected.¬†Media is securely stored¬†until secure disposal.
  • Our document and media (CD/DVD) disposal and shredding is through a reputable HIPAA-compliant supplier who provides certification of destruction.

Healthcare Horizons’ physical environment is secured through the use of 24/7 badge-entry systems, key entry locks to offices and desks, as well as alarm systems. Employees of Healthcare Horizons must undergo extensive background checks prior to joining our team. All our employees receive ongoing HIPAA security awareness training associated with the privacy and security of PHI.

Sword & ShieldSword and Shield Enterprise Security, Inc. performs an annual HIPAA Risk Assessment (HRA) and quarterly reviews to identify areas of risk associated with the storage, transmission, and processing of PHI. Our HIPAA Internal Policies and Procedures have been reviewed and approved by Sword and Shield. Healthcare Horizons’ processes, controls, and policies are analyzed using the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) audit protocol. Healthcare Horizons has been certified as HIPAA Compliant by Sword and Shield.