Hello Heart is a HIPAA-covered entity when delivering our solutions to the participants. We are also the Business Associate of our partners. We will be using data you provide to check eligibility and conduct enrollment outreach activities. As the partner, you will always retain ownership of all data that you share with us, and we will protect it in accordance with our customer agreement and BAA.
HIPAA Compliance is adherence to the physical, administrative, and technical safeguards outlined in HIPAA, which covered entities and business associates must uphold to protect the integrity of Protected Health Information (PHI).
The NIST Cybersecurity Framework Core is essentially a set of cybersecurity activities, desired outcomes, and applicable references that are common across government and industry. The Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across an organization from the executive level to the implementation/operations level, from one organization to another, and from one industry to another.