
HIPAA Compliance

Last Updated: January 15, 2024

MapleIME is fully compliant with HIPAA regulations to protect your health information.

HIPAA Overview

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy and security of your health information. As a healthcare technology platform, MapleIME is committed to full HIPAA compliance.

We implement comprehensive administrative, physical, and technical safeguards to ensure your Protected Health Information (PHI) remains secure and confidential.

Protected Health Information (PHI)

PHI includes any health information that can be used to identify you. We protect all forms of PHI:

Medical Information

  • Medical history and conditions
  • Treatment records
  • Test results and lab reports
  • Prescription information

Personal Identifiers

  • Name and contact information
  • Social Security numbers
  • Insurance information
  • Account numbers

HIPAA Safeguards

Administrative Safeguards

  • HIPAA Security Officer appointed
  • Employee training programs
  • Access management procedures
  • Incident response protocols

Physical Safeguards

  • Secure data centers
  • Biometric access controls
  • 24/7 monitoring systems
  • Secure media disposal

Technical Safeguards

  • End-to-end encryption
  • Multi-factor authentication
  • Audit logs and monitoring
  • Automatic session timeouts

Your HIPAA Rights

Under HIPAA, you have specific rights regarding your health information:

Right to Access

You can request and receive copies of your health records and other health information.

Right to Amend

You can request corrections to your health information if you believe it's incorrect or incomplete.

Right to Restrict

You can request limits on how your health information is used or shared.

Right to Accounting

You can request a list of disclosures of your health information.

Breach Notification

Our Commitment

In the unlikely event of a data breach involving your PHI, we will notify you and relevant authorities within the timeframes required by HIPAA.

Notification Timeline

  • Individuals: Within 60 days of discovery
  • Department of Health and Human Services: Within 60 days
  • Media (if breach affects 500+ individuals): Without unreasonable delay
  • Annual summary for smaller breaches

What We'll Tell You

  • Description of what happened
  • Types of information involved
  • Steps we're taking to investigate and mitigate
  • What you can do to protect yourself

Business Associate Agreements

We maintain Business Associate Agreements (BAAs) with all third-party vendors who may have access to PHI:

Covered Vendors

  • Cloud hosting providers
  • Data backup services
  • Analytics platforms
  • Customer support tools

BAA Requirements

  • HIPAA compliance certification
  • Security assessment completion
  • Incident reporting procedures
  • Data return/destruction protocols

Complaints and Concerns

If you believe your privacy rights have been violated, or if you have concerns about our privacy practices:

Contact Our Privacy Officer

Email: privacy@MapleIME.com

Phone: 1-800-MapleIME

Address: 123 Healthcare Ave, Medical City, MC 12345

File a Complaint with HHS

Website: www.hhs.gov/hipaa/filing-a-complaint

Phone: 1-800-368-1019

Address: Office for Civil Rights, U.S. Department of Health and Human Services

No Retaliation: We will not retaliate against you for filing a complaint or exercising your HIPAA rights.

This HIPAA compliance statement demonstrates our commitment to protecting your health information privacy and security.