HIPAA Compliance Statement
Valant is committed to the security of our products and technology, and to maintaining the confidentiality, integrity, and availability of ePHI data in our systems.
We’ve instituted administrative, physical, and technical safeguards; and implemented policies and processes designed to protect data privacy and security. These meet Health Insurance Portability and Accountability Act (including HITECH Act and Omnibus Rule of 2013) Business Associate requirements.
Administrative Safeguards
Valant's administrative safeguards include:
- Security management to prevent, detect, contain and correct identified risks
- Information access management
- Restricting ePHI access to employees who require it to perform their jobs, and only to the minimum level necessary
- Employee background screening before hire, and annually during employment
- Security and awareness training at hire and annual mandatory retraining
- Security incident response and activity review
- Contingency planning to support operational continuity during emergency and disaster situations
- Continued evaluation of policies, processes and controls
Physical Safeguards
Valant's Physical safeguards include security measures to:
- Control and validate access to Valant facilities and data centers
- Maintain workstation security
- Protect and control hardware and electronic media that store of contain ePHI
Technical Safeguards
Valant's technical safeguards include controls and electronic mechanisms to:
- Restrict system access to authorized users
- Allow for ongoing review and audit of system activity
- Protect ePHI integrity and authenticity
- Verify a person's or entity's identity before granting system access
- Protect ePHI during electronic transmission
Please note that this does not include all measures Valant takes to protect our clients’ security, and this information is subject to change. If you have questions or concerns, please feel free to reach out to our Support team.