1.0 Scope
This policy outlines the responsibilities of Mid Atlantic Business Management Inc. ("Contractor") to safeguard the privacy and security of Protected Health Information ("PHI") in compliance with the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), including the HIPAA Privacy Rule and Security Rule (45 CFR Parts 160 and 164), as well as the Health Information Technology for Economic and Clinical Health (HITECH) Act.
This policy operates in conjunction with the Business Associate Agreement ("BAA") executed between Mid Atlantic Business Management Inc. and each Client.
Definitions:
● Client: Any customer with whom Mid Atlantic Business Management Inc. has a legal Business Associate Agreement.
● Served Patients: Patients who receive services from or through the Contractor.
● Contractor: Mid Atlantic Business Management Inc.
2.0 Scope
This policy applies to all Clients, Served Patients, and Contractor workforce members who access PHI. The Contractor's workforce includes employees, volunteers, trainees, subcontractors, and any person under direct control of the Contractor, regardless of compensation status.
3.0 Roles and Responsibilities
3.1 Privacy Officer
Andy Gawai, Director of Client Relations, is designated as the Privacy Officer and will:
● Develop and implement policies and procedures regarding the use and disclosure of PHI;
● Monitor compliance with HIPAA regulations and this Privacy Policy;
● Ensure BAAs are in place and enforced with Clients and subcontractors;
● Serve as the primary contact for privacy inquiries and complaints.
Contact Information:
Andy Gawai
(m) +1 469-949-6226
📧 andy.gawai@midatlantic-bps.com
📬 Mailing Address: 705-14 Keystone Park Drive, Morrisville NC, 27560 USA
3.2 Workforce Training
All workforce members who handle PHI must complete HIPAA training tailored to their job responsibilities. Training will be documented and retained for a minimum of six (6) years.
3.3 Safeguards
The Contractor will implement administrative, technical, and physical safeguards, including:
● Administrative: Written policies on PHI handling and disclosure;
● Technical: Role-based access control and audit trails for PHI systems;
● Physical: Secured workspaces, locked storage, and access-restricted areas.
4.0 Complaints Process
Individuals may file complaints related to PHI privacy:
● All complaints must be submitted to the Privacy Officer;
● The Privacy Officer will maintain documentation of all complaints and resolution steps;
● Complaint procedures are available upon request.
5.0 Breach Notification
In accordance with 45 CFR §§ 164.400-414, the Contractor will notify the Client of any unauthorized access, use, or disclosure of unsecured PHI within 10 business days of discovery. Breach notifications will include:
● A description of the breach;
● Types of information involved;
● Steps taken to mitigate harm;
● Contact procedures for affected individuals.
6.0 Disciplinary Actions
Violations of this policy may result in disciplinary action, up to and including suspension or termination. Sanctions will align with the Contractor’s internal disciplinary procedures.
7.0 Use and Disclosure of PHI
The Contractor and its workforce will:
● Use and disclose PHI only as permitted under HIPAA or with valid authorization;
● Comply with the “minimum necessary” standard by limiting PHI access to only what is required;
● Adhere to any signed participant authorization per 45 CFR §164.508.
8.0 Definitions and Standards
8.1 Use vs. Disclosure
● Use: Internal utilization of PHI by workforce members within their roles.
● Disclosure: Sharing PHI with individuals or entities outside the Contractor, unless permitted under HIPAA.
8.2 Minimum Necessary and Limited Data Sets
PHI use/disclosure will be minimized. Limited Data Sets exclude the following identifiers:
● Names, full postal addresses, SSNs, phone numbers, email addresses;
● Medical record numbers, account numbers, and license numbers;
● IP addresses, URLs, biometric identifiers, and photographic images.
8.3 PHI Definition
PHI is any health-related information that identifies or could reasonably be used to identify an individual. This includes data relating to treatment, payment, or healthcare operations for living or deceased individuals.
9.0 Non-Retaliation
Contractor prohibits retaliation against any individual who:
● Files a privacy complaint;
● Participates in a privacy investigation;
● Exercises any HIPAA-related rights.
No individual may be required to waive HIPAA rights as a condition of service.
10.0 Subcontractor Compliance
Subcontractors and vendors who access PHI must:
● Sign a HIPAA-compliant agreement;
● Implement safeguards in line with this policy;
● Notify the Contractor of any PHI breach.
11.0 Policy Management
This Privacy Policy is subject to change. The Contractor may amend or revise this document at any time, and Clients will be notified of significant updates.
12.0 Contact
Privacy Officer Contact:
Contact Information:
Andy Gawai
(m) +1 469-949-6226
📧 andy.gawai@midatlantic-bps.com
📬 Mailing Address: 705-14 Keystone Park Drive, Morrisville NC, 27560 USA
Mid Atlantic Business Management Inc.
Also trading as: Midatlantic B2B; 705-14 Keystone Park Drive, Morrisville NC, 27560 USA
Copyright © 2018-2025 Mid Atlantic Business Management Inc - All Rights Reserved.