Privacy/Compliance
We ensure compliance with HIPAA and privacy regulations
H2U is fully compliant with HIPAA, GINA, and all other applicable privacy laws and regulations. We safeguard data by:
- Adhering to your medical record-keeping policy
- Implementing full-disk encryption for all workstations and laptops
- Requiring mandatory, annual Information Security Awareness Training
- Storing all patient medical records in the proprietary, clinic-based electronic medical record system
- Maintaining separate occupational and non-occupational hard copy records
- Limiting access to patient records based on role and facility security clearance
- Segregating client data in our systems
- Backing up all systems nightly and storing data at secure offsite facilities
Individual privacy is a priority
All participants or patients using H2U programs or H2U-managed clinics must sign a HIPAA compliance form before any protected health information is shared. While participant information may be included in aggregate management reports, at no time will any individual's personal health information be identifiable.