Safeguarding the privacy and confidentiality of Personally Identifiable Information (PII) and Protected Health Information (PHI) is of paramount concern to MicroMass Communications, Inc. PII is any data that can be used to contact, locate, or identify a specific individual, whereas PHI is any health information that is individually identifiable. Programs of MicroMass Communications, Inc. comply with HIPAA, COPPA, and DMA Privacy Guidelines.
We build security and privacy into each of our programs through the following key steps:
Designate a primary security and privacy contact
Provide a clear, simple privacy and usage statement
Use PHI only for intended purposes
Collect the minimum amount of data
Provide a privacy complaint/resolution system
Use opt-in enrollment
Provide easy opt-out
Provide a means to view and modify PHI
Encrypt network-transferred PHI
Encrypt PHI in all links
Establish a “chain of trust” with vendors’ security policies
To ensure organizational security, we:
Maintain and enforce a written security policy
Conduct security training for all staff
Maintain written contingency plans
Maintain and enforce a written HIPAA policy
Conduct HIPAA training for all staff
Implement HIPAA program certification procedures
Restrict access to PHI
Control physical access to facilities
These systems, processes, and personnel are the responsibility of our Chief Privacy Officer, Mark Rinehart, and our information security committee, including representation from senior executive management, information systems, human resources, and security personnel.
For further information regarding security and privacy issues, or to obtain copies of privacy notices and policies, please contact us at firstname.lastname@example.org, or call our corporate office at (919) 851-3182.