HIPPA Compliance Statement

Norav Medical Inc. does not anticipate receiving or disclosing any individually identifiable information in the normal course of providing products/services. Should Protected Health Information (PHI) be made available, or obtained by Norav Medical, we do hereby assure our customers that we will:

Comply with the rules and regulations concerning the privacy and security of PHI under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Protect against any non-permitted use or disclosure of PHI using no less than a reasonable amount of care.
All policies and procedures related to information and physical security are frequently reviewed to ensure they are up to date and follow any new or revised regulation.
Report any non-compliance of which we become aware.
Have named a HIPAA Security Official who creates, maintains, and trains regarding our HIPAA policies and procedures.
Have established that all employees with access to PHI receive training on our policies and procedures according to HIPAA mandates.
Automatic expiration of passwords.
Account lockouts upon numerous failed log-in attempts.
Transcripts and exhibits sent and received through secure file transfer (Citrix’s ShareFile).
Data-at-rest encryption.
Email verification.
Automatic virus scans.
Secure data backups.
Any potential or actual breaches are logged, investigated, and reported.