HIPAA Compliance Statement
ClaimsCure is committed to protecting the confidentiality, integrity, and availability of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.
As a medical billing and revenue cycle management services provider, ClaimsCure understands its responsibility to safeguard patient information entrusted to us by healthcare providers throughout the United States.
Our Role as a HIPAA Business Associate
ClaimsCure operates as a Business Associate under HIPAA. We provide medical billing, coding, claims management, and related revenue cycle services on behalf of healthcare providers, clinics, and other organizations classified as
Covered Entities.
In this role, ClaimsCure may receive, create, maintain, or transmit PHI solely for the purpose of delivering contracted services. PHI is not used or disclosed except as permitted by HIPAA and as defined in our contractual agreements.
HIPAA Regulations We Align With
- HIPAA Privacy Rule – Governs the use and disclosure of PHI and establishes patient privacy rights.
- HIPAA Security Rule – Requires administrative, physical, and technical safeguards to protect electronic PHI (ePHI).
- HIPAA Breach Notification Rule – Defines requirements for identifying, documenting, and reporting PHI breaches.
Safeguards to Protect PHI
Administrative Safeguards
- HIPAA awareness and role-based workforce training
- Written privacy and information security policies
- Access controls based on the minimum necessary standard
- Ongoing risk assessments and compliance reviews
- Confidentiality obligations for employees and contractors
Physical Safeguards
- Controlled access to facilities and work areas
- Secure workstation and device usage policies
- Protection of physical media containing PHI
Technical Safeguards
- Role-based system access controls
- Secure authentication mechanisms
- Encryption of PHI during transmission where applicable
- Audit logging and system activity monitoring
- Secure data storage and backup practices
Business Associate Agreements (BAA)
ClaimsCure enters into a Business Associate Agreement (BAA) with covered entity clients as required by HIPAA. The BAA defines permitted uses of PHI, safeguard requirements, breach reporting responsibilities, and compliance obligations.
Breach Detection and Incident Response
ClaimsCure maintains procedures to identify, assess, and respond to potential security incidents involving PHI. In the event of a confirmed breach, we notify affected clients in accordance with HIPAA breach notification requirements and contractual obligations.
Minimum Necessary Use of Information
ClaimsCure follows the Minimum Necessary Standard, accessing only the PHI required to perform billing, coding, and revenue cycle services. PHI is not used for marketing or non-authorized purposes.
Workforce Training and Awareness
All ClaimsCure personnel with access to PHI receive periodic HIPAA training focused on privacy, security, and responsible data handling practices.
Regulatory Guidance: ClaimsCure's compliance program is informed by official guidance issued by U.S. federal agencies including the Department of Health and Human Services (HHS), Office for Civil Rights (OCR), and Centers for Disease Control and Prevention (CDC). We monitor regulatory updates and continuously improve our safeguards and policies.
Disclaimer
This HIPAA Compliance Statement is provided for informational purposes only and does not constitute legal advice. ClaimsCure does not claim HIPAA certification, as no such certification is issued by the U.S. government.
Contact Information
ClaimsCure Medical Billing Services
Email: info@claimscure.com
Phone: +1 (301)-739-8880
Website: www.claimscure.com
© ClaimsCure. All rights reserved. Last updated:
