HIPAA Compliance Statement
ClaimsCure is committed to protecting the confidentiality, integrity, and availability of
Protected Health Information (PHI) in accordance with the Health Insurance Portability and
Accountability Act of 1996 (HIPAA) and its implementing regulations.
As a medical billing and revenue cycle management services provider, ClaimsCure understands
its responsibility to safeguard patient information entrusted to us by healthcare providers
throughout the United States.
Our Role as a HIPAA Business Associate
ClaimsCure operates as a Business Associate under HIPAA. We provide medical
billing, coding, claims management, and related revenue cycle services on behalf of
healthcare providers, clinics, and other organizations classified as
Covered Entities.
In this role, ClaimsCure may receive, create, maintain, or transmit PHI solely for the
purpose of delivering contracted services. PHI is not used or disclosed except as permitted
by HIPAA and as defined in our contractual agreements.
HIPAA Regulations We Align With
- HIPAA Privacy Rule – Governs the use and disclosure of PHI and establishes patient privacy rights.
- HIPAA Security Rule – Requires administrative, physical, and technical safeguards to protect electronic PHI (ePHI).
- HIPAA Breach Notification Rule – Defines requirements for identifying, documenting, and reporting PHI breaches.
Safeguards to Protect PHI
Administrative Safeguards
- HIPAA awareness and role-based workforce training
- Written privacy and information security policies
- Access controls based on the minimum necessary standard
- Ongoing risk assessments and compliance reviews
- Confidentiality obligations for employees and contractors
Physical Safeguards
- Controlled access to facilities and work areas
- Secure workstation and device usage policies
- Protection of physical media containing PHI
Technical Safeguards
- Role-based system access controls
- Secure authentication mechanisms
- Encryption of PHI during transmission where applicable
- Audit logging and system activity monitoring
- Secure data storage and backup practices
Business Associate Agreements (BAA)
ClaimsCure enters into a Business Associate Agreement (BAA) with covered
entity clients as required by HIPAA. The BAA defines permitted uses of PHI, safeguard
requirements, breach reporting responsibilities, and compliance obligations.
Breach Detection and Incident Response
ClaimsCure maintains procedures to identify, assess, and respond to potential security
incidents involving PHI. In the event of a confirmed breach, we notify affected clients in
accordance with HIPAA breach notification requirements and contractual obligations.
Minimum Necessary Use of Information
ClaimsCure follows the Minimum Necessary Standard, accessing only the PHI
required to perform billing, coding, and revenue cycle services. PHI is not used for
marketing or non-authorized purposes.
Workforce Training and Awareness
All ClaimsCure personnel with access to PHI receive periodic HIPAA training focused on
privacy, security, and responsible data handling practices.
Regulatory Guidance: ClaimsCure's compliance program is informed by official guidance issued by U.S. federal
agencies including the Department of Health and Human Services (HHS), Office for Civil
Rights (OCR), and Centers for Disease Control and Prevention (CDC). We monitor regulatory
updates and continuously improve our safeguards and policies.
Disclaimer
This HIPAA Compliance Statement is provided for informational purposes only and does not
constitute legal advice. ClaimsCure does not claim HIPAA certification, as no such
certification is issued by the U.S. government.
Contact Information
ClaimsCure Medical Billing Services
Email: contact@claimscure.com
Phone: +1 (301)-739-8880
Website: www.claimscure.com
© ClaimsCure. All rights reserved. Last updated:
