Privacy Policy

 

Fineax takes the privacy and security of our customers' data seriously. To ensure compliance with HIPAA regulations, Fineax implements several rules, including the Security Rule, Privacy Rule, Data Infringement Rule, and Enforcement Rule.

The Security Rule outlines the necessary safeguards for electronic protected health information (ePHI) for both covered entities and business associates. This rule includes physical, technical, and administrative safeguards to protect ePHI from unauthorized access or disclosure.

The Privacy Rule establishes standards to protect patients' medical records and prohibits the disclosure of protected health information (PHI) without authorization. PHI includes individually identifiable health information held or transmitted by a covered entity or business associate in any form or media.

In the event of a data breach or unauthorized disclosure of PHI, the Data Infringement Rule requires covered entities to report the incident to affected individuals.

The Enforcement Rule outlines the consequences of HIPAA violations and how complaints and violations will be investigated.

Fineax uses HIPAA's Safe Harbor process for the de-identification of medical images in its data sets. This process confirms the removal of all 18 direct identifiers in DICOM header data, and Fineax has implemented policies, procedures, and technical measures to prevent re-identification.

To ensure the security of customer data, Fineax utilizes the highly secure and flexible AWS cloud infrastructure. AWS's data centers are staffed 24/7/365 by trained security guards, and access is authorized strictly on a least-privilege basis. Environmental systems are designed to minimize disruptions to operations, and multiple geographic regions and Availability Zones provide resilience in the face of failure modes.

Data Storage:

Fineax utilizes Amazon Web Services (AWS) for data storage, which provides a highly secure and scalable cloud computing environment. AWS's data centers are among the most secure in the world and feature state-of-the-art electronic surveillance and multi-factor access control systems. These data centers are staffed 24/7/365 by trained security guards who provide access on a least-privilege basis.

Fineax's data is stored on AWS servers in multiple geographic regions and Availability Zones to ensure data availability and resiliency in the event of any failure modes. Additionally, AWS's environmental systems are designed to minimize the impact of disruptions to operations.

Fineax has implemented various policies and technical measures to ensure the security and privacy of its clients' data. This includes regular monitoring and auditing of access to data and the implementation of industry-standard encryption protocols for data in transit and at rest. Fineax also conducts regular vulnerability assessments and penetration testing to identify and remediate any potential security risks.

HIPAA Compliance:

Fineax is committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and its regulations. As a provider of healthcare-related AI solutions, Fineax handles protected health information (PHI) and is therefore considered a covered entity under HIPAA.

To ensure HIPAA compliance, Fineax has implemented various technical, physical, and administrative safeguards for the protection of PHI, as outlined in the HIPAA Security Rule. These safeguards include access controls, network security, data encryption, and data backup and disaster recovery measures.

Fineax also adheres to the HIPAA Privacy Rule, which outlines the standards for protecting patients' medical records and prohibits the disclosure of PHI without proper authorization. In the event of any unauthorized use or disclosure of PHI, Fineax has established a process for reporting and investigating such incidents, as required by the HIPAA Breach Notification Rule.

Overall, Fineax is committed to providing its clients with secure and compliant healthcare-related AI solutions, while ensuring the privacy and protection of their sensitive data.