BrightReach Group

We are committed to transparency and maintaining the highest standards of security and privacy when handling protected health information. Here you can view our compliance posture, published policies, and security status.

Compliance

Our organization maintains an active HIPAA compliance program managed through the Accountable platform.

HIPAA Compliant Badge

HIPAA Compliance

Active

Health Insurance Portability and Accountability Act

Verified by

Accountable

HIPAA Policies Adopted

Published policies governing the handling of protected health information

Employee HIPAA Training

Team members trained on HIPAA requirements and security awareness

Business Associate Agreements

Contracts in place with vendors who access PHI

Asset & Inventory Mapping

Systems and assets that store or process PHI have been identified

Incident Response Plan

Procedures established for responding to security incidents and breaches

Policies

Published HIPAA policies governing our compliance program.

32 policies
Acceptable Use Policy
Access Rights
Audit Controls Policy
Authentication Controls
Business Associate Relationship
Comprehensive Information Security Plan
Confidentiality Agreement Policy
Data Backup and Storage
Data Integrity
De Identification Policy
Device Media Controls Policy
Disaster Recovery
Documentation, Records Retention, and Documentation Destruction
Encryption Policy
Enforcement Sanctions
Facility Access Controls
Incident Reporting Policy
Malware Policy Policy
Marketing and Fundraising
Mitigation Policy
Non-retaliation and Waiver
Notification of Breach
Ongoing Risk Assessment
Personnel Designations
Privacy Policy
Restricted Internal Access to PHI
Sanctions Non Compliance
Security Incident Response Policy
Termination Procedures
The Minimum Necessary Requirement
Transmission Security
Workstation Security

Security

Key security controls and operational readiness indicators.

Incident Response Plan

Active

Procedures for responding to security incidents and breaches

Employee HIPAA Training

70% complete

Ongoing security awareness and HIPAA compliance training program

Business Associate Agreements

100% complete

Contracts with vendors who access protected health information