Our commitment to protecting patient data as your healthcare IT partner.
IT Support Healthcare provides managed IT, cybersecurity and related services to dental and medical practices. In the course of supporting our clients, we may access, store or transmit protected health information (PHI). This notice explains how we approach our responsibilities under the Health Insurance Portability and Accountability Act (HIPAA).
When we handle PHI on behalf of a healthcare provider (a “Covered Entity”), we act as a Business Associate under HIPAA. We enter into a Business Associate Agreement (BAA) with each client before accessing systems that may contain PHI, defining how that information may be used and protected.
We maintain administrative, physical and technical safeguards consistent with the HIPAA Security Rule, including:
We use and disclose PHI only as permitted by our Business Associate Agreements and applicable law — generally limited to the activities required to deliver and support the services our clients have requested. We do not sell PHI.
Where we engage subcontractors who may access PHI, we require them to agree, in writing, to the same restrictions and conditions that apply to us under HIPAA.
In the event of a breach of unsecured PHI, we will notify the affected client (Covered Entity) without unreasonable delay and in accordance with HIPAA’s breach notification requirements and our Business Associate Agreement.
HIPAA compliance is a partnership. While we secure the technology and infrastructure within our scope, each practice remains responsible for its own clinical workflows, its patient-facing Notice of Privacy Practices, and its overall compliance program. This page is a statement of our practices and is not a substitute for legal advice or your practice’s own policies.
To request a Business Associate Agreement or ask about our HIPAA practices, contact us at hello@itsupport.healthcare or (713) 955-2020.