Security & Compliance

    HIPAA Compliance

    Our commitment to protecting patient health information

    Our HIPAA Commitment

    ClaimCode is committed to maintaining the highest standards of privacy and security for protected health information (PHI). We understand that wellness practices entrust us with sensitive patient data, and we take this responsibility seriously. Our platform is designed with privacy-first architecture and security controls that meet or exceed HIPAA requirements.

    Security Measures

    Data Encryption

    All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use industry-standard encryption protocols to protect your data at every stage.

    Access Controls

    Role-based access controls ensure that only authorized personnel can access PHI. All access is logged and auditable.

    Secure Infrastructure

    Our infrastructure is hosted on HIPAA-compliant cloud providers with SOC 2 Type II certification and regular security audits.

    Employee Training

    All team members receive HIPAA training and are bound by confidentiality agreements. We maintain a culture of security awareness.

    Privacy-First Architecture

    • We minimize PHI storage - patient identifiers are not stored in our backend systems when possible
    • Data is processed in isolated environments with strict access controls
    • We maintain comprehensive audit logs of all data access
    • Regular security assessments and penetration testing
    • Incident response procedures in place for potential breaches
    • Business Associate Agreements (BAAs) available for all customers

    Business Associate Agreement

    ClaimCode enters into Business Associate Agreements (BAAs) with all customers who require them. Our BAA outlines our obligations regarding the handling, storage, and transmission of protected health information. BAA execution is part of our standard onboarding process for all Early Access customers.

    Questions About Compliance?

    For questions about our HIPAA compliance, security practices, or to request our BAA, please contact us:

    ClaimCode (Core Wrk, LLC)

    Email: andrew@claimcode.app

    Location: Newton, Massachusetts