Exco InTouch, the leading provider of patient engagement and data capture solutions for clinical research and healthcare providers, has successfully undergone and completed an independent audit to assess compliance utilizing the National Institute of Standards and Technology (NIST) guidelines for Health Insurance Portability and Accountability Act (HIPAA), formally completing the independent auditing process for Privacy and Security.
HIPAA rules constitute a set of regulations from the US Department of Health and Human Services relating to any Protected Health Information (PHI) that identifies health or financial data of US citizens stored on computer systems. The Security Rule specifies a series of administrative, physical and technical safeguards for covered entities and their business associates to use to ensure the confidentiality, integrity and availability of electronic PHI.
Exco InTouch is an industry leader in the field of data privacy and security – viewing this as an essential component in achieving patient trust. Earlier this year, through its partnership with Regulatory Strategies, Exco InTouch introduced a fully compliant regulatory officer function 2 years ahead of the General Data Protection Regulation (GDPR) coming into effect
Dale Jessop, Chief Technology Officer at Exco InTouch, commented: “Privacy, Security and the protection of personal information remain the highest priority for Exco InTouch. Whilst no formal certification for HIPAA exists, we have taken the approach to be independently audited against NIST guidelines for HIPAA, both on security and more recently privacy provides further reassurance to our customers that Exco InTouch business operations are aligned to comply with HIPAA standards.”
Tim Davis, CEO and co-founder of Exco InTouch, added: “I am extremely proud of the team involved throughout the audit process, and also that of the 64 HIPAA security citations and the 20 HIPAA privacy citations applicable to our business, no findings were reported.”
As a result of this audit, Exco InTouch customers (for whom the company provides mobile and digital patient engagement solutions), can continue to be assured that their programmes comply with these stringent privacy and security safeguards.