It is ARMUS Corporation’s policy to comply fully with HIPAA administrative, technical, and physical safeguards to ensure confidentiality, integrity, and availability. ARMUS Corporation employs external auditors to verify that they are in compliance with the HIPAA Privacy and Security Rules on an annual basis.
All ARMUS employees, interns, and volunteers must comply with ARMUS’ HIPAA Privacy and Security Policies and Procedures, which includes participating in annual training.
ARMUS Corporation employs external auditors to validate compliance with the HIPAA Privacy and Security Rules on an annual basis.
ARMUS supports minimum necessary provisioning of access based on roles and responsibilities both for its staff and clients. Roles and privileges are created based on need for access to confidential data.
ARMUS employees have unique usernames and passwords to access the computer network. PHI is only stored in approved password protected and encrypted devices. In addition, all ARMUS clients have unique usernames and must adhere to strict password requirements to access ARMUS applications.
ARMUS servers containing PHI data are kept in a secure facility, restricted to those with proper authorization. ARMUS provides encryption for data both active and at rest.