HIPAA Compliance Statement for Zirr.ai - AI Medical Scribe

Last Updated: Mar 19, 2024

Zirr AI Medical Scribe is committed to maintaining the privacy and security of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA). This compliance statement outlines our dedication to safeguarding PHI and ensuring the confidentiality, integrity, and availability of healthcare data.

1. Business Associate Status

Zirr AI Medical Scribe acknowledges its role as a Business Associate as defined by HIPAA. We understand the importance of complying with HIPAA regulations and recognize our responsibility to protect the PHI entrusted to us by our clients.

2. Security Measures

Zirr AI Medical Scribe has implemented robust security measures to safeguard PHI, including but not limited to:

- Access Controls: Restricting access to PHI only to authorized personnel through secure user authentication mechanisms and role-based access controls.

- Encryption: Employing encryption techniques to protect PHI during transmission and storage.

- Audit Trails: Maintaining comprehensive audit trails to monitor and track access to PHI.

3. Cloud Hosting with AWS

Zirr AI Medical Scribe utilizes Amazon Web Services (AWS) for cloud hosting. We have entered into a Business Associate Agreement (BAA) with AWS to ensure the secure handling and storage of PHI within the cloud infrastructure. This BAA with AWS reinforces our commitment to HIPAA compliance and data protection.

4. Data Integrity and Accuracy

Zirr AI Medical Scribe is dedicated to ensuring the integrity and accuracy of PHI. We have implemented measures to prevent unauthorized alteration or destruction of healthcare data.

5. Business Associate Agreements (BAAs)

Zirr AI Medical Scribe enters into Business Associate Agreements (BAAs) with covered entities and other Business Associates in compliance with HIPAA. These agreements outline the respective obligations and responsibilities for the protection of PHI.

6. HIPAA Training and Awareness

Our staff undergoes regular HIPAA training to ensure awareness of privacy and security regulations. This training includes guidelines on handling PHI, reporting security incidents, and maintaining the highest standards of compliance.

7. Incident Response and Reporting

Zirr AI Medical Scribe has established incident response procedures to promptly address and mitigate any breaches or incidents involving PHI. We are committed to reporting such incidents by HIPAA requirements.

8. Continuous Compliance Monitoring

We conduct regular internal audits and assessments to monitor and enhance our HIPAA compliance measures. This includes reviewing and updating policies and procedures to reflect changes in regulations or our operations.

9. Privacy Officer Contact Information

For questions, concerns, or to report any issues related to HIPAA compliance, please contact our COO which is responsible for the HIPAA compliance.

Zirr AI Medical Scribe remains steadfast in its commitment to upholding the principles of HIPAA and protecting the privacy and security of healthcare information.

Zirr AI Medical Scribe