Information and data security is paramount at CentralReach.
CentralReach is HIPAA compliant.
CentralReach understands the critical importance of securing and safeguarding the Protected Health Information of your clients and complying with our collective responsibilities under HIPAA. Our organization has taken numerous measures in its product applications, policies, and procedures as well as an extra precautionary step involving guidance from outside assessment firms that review, assess and certify our compliance with HIPAA. CentralReach completed its most recent HIPAA assessment after working through a rigorous process with the nationally recognized accounting and consulting firm BDO, which attested to CentralReach being HIPAA compliant in January 2020.
CentralReach complies with privacy laws and regulations.
In addition to protecting health information in accordance with HIPAA, CentralReach understands the importance of complying with privacy laws and regulations with respect to personally identifiable information. Accordingly, CentralReach has taken numerous steps to protect the personally identifiable information of our customers and their clients. CentralReach recently worked with the nationally recognized privacy assessment firm TRUSTe, through its TrustArc division, to review and assess its privacy policies and procedures. TRUSTe attested that CentralReach had satisfied all United States Privacy Shield Customer Data Verification requirements in March 2020.
CentralReach has the pleasure of serving foreign as well as domestic customers, and in recognition of that, CentralReach applied and was accepted by the US Department of Commerce into both the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield programs in March 2020, and complies with both the European General Data Protection Regulation (GDPR), including through the use of Standard Contractual Clauses, as well as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).