x
Advarra

Community

Advarra Clinical Research Network

Onsemble Community

Diversity, Equity, & Inclusion

Participants & Advocacy

Advarra Partner Network

Community Advocacy

Sign up for the Site-Sponsor Consortium Newsletter

Reviews

Institutional Review Board (IRB)

Institutional Biosafety Committee (IBC)

Data Monitoring Committee (DMC)

Endpoint Adjudication (EAC)

Consulting

GxP Services

Research Compliance & Site Operations

Professional Services

Coverage Analysis​

Budget Negotiation​

Calendar Build 

Technology Staffing

Training

Clinical Research Site Training

Research-Ready Training

Custom eLearning

Services for

Sponsors & CROs

Sites & Institutions

BioPharma & Medical Tech

Oncology Research

Decentralized Clinical Trials

Early Phase Research

Research Staffing

Cell and Gene Therapy

Ready to Increase Your Research Productivity?
View All Services

Solutions for Need

Clinical Trial Management

Clinical Data Management

Research Administration

Study Startup

Site Support and Engagement

Secure Document Exchange

Decentralized Clinical Trials

Oncology Research

Early Phase Research

Research Site Cloud

Solutions for Sites

Enterprise Institution CTMS

Health System/Network/Site CTMS

Electronic Consenting System

eSource and Electronic Data Capture

eRegulatory Management System

Research ROI Reporting

Automated Participant Payments

Life Sciences Cloud

Solutions for Sponsors/CROs

Clinical Research Experience Technology

Center for IRB Intelligence

 

Not Sure Where To Start?
Start Here
View All Solutions

Resource Library

Podcast

Blog

White Papers

View All Resources

Webinars

eBooks

Case Studies

Events

Ask the Experts

Frequently Asked Questions

COVID-19 Support

News

Check out the latest episodes of Advarra in Conversations with..

About Advarra

Careers

Consulting Opportunities

Leadership Team

Our Experts

Accreditation & Compliance

Join Advarra

Learn more about our company team, careers, and values. Join Advarra’s Talented team to take on engaging work in a dynamic environment.

See Jobs

HIPAA Compliance Statement

Bio-Optronics was acquired by Advarra March 9, 2021

This HIPAA compliance statement describes Advarra’s policies, procedures, controls and measures to ensure current and ongoing compliance.

About HIPAA

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) defines a set of regulations protecting the privacy and security of certain health information. The Department of Health and Human Services (HHS) has published what are commonly known as the HIPAA Privacy Rule and the HIPAA Security Rule. The Privacy Rule, or Standards for Privacy of Individually Identifiable Health Information, establishes national standards for the protection of certain health information. The Security Standards for the Protection of Electronic Protected Health Information (the Security Rule) establish a national set of security standards for protecting certain health information that is held or transferred in electronic form.

A major goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. Given that the health care marketplace is diverse, the Security Rule is designed to be flexible and scalable so a covered entity can implement policies, procedures, and technologies that are appropriate for the entity’s particular size, organizational structure, and risks to consumers’ e-PHI.

The Security Rule applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with a transaction for which the HHS has adopted standards under HIPAA (the “covered entities”) and to their Business Associates.

Advarra’s Commitment

Advarra’s works with many organizations who may be defined as a Covered Entity under HIPAA and due to the nature of the services provided, Bio-Optronics may be required to act as a Business Associate under HIPAA.

Advarra has undergone a comprehensive review of all administrative, technical, and physical safeguards to ensure the protection of e-PHI.

This includes:

  1. Ensuring the confidentiality, integrity, and availability of all e-PHI created, received, maintained, or transmitted
  2. Identifying and protecting against reasonably anticipated threats to the security or integrity of the information
  3. Protecting against reasonably anticipated impermissible uses or disclosures
  4. Ensuring compliance by our workforce

Advarra is also GDPR compliant, and all our technical, operational, and administrative systems comply with the ‘Privacy by design’ and ‘Privacy by default’ standards required by the GDPR. HIPAA compliance provides an additional layer of security in handling any personal healthcare data that may pass through our systems.

Controls Implemented

Advarra has implemented the necessary controls to ensure HIPAA compliance including administrative, physical, and technical controls.

Risk Assessment
As part of our security management process, Bio-Optronics conducts annual risk assessments including likelihood and impact of potential risks. A risk assessment helps ensure that controls are appropriate to address the needs of the organization. Conducting these annually ensures that organizations continue to provide the highest level of security for the data that they have been entrusted to protect.

Administrative Safeguards
Bio-Optronics has implemented a security management process, including appropriate standard operating procedures (SOPs) and policies. A security manager has been assigned to help develop and review procedures and policies. Staff are kept up to date with changes and are trained on HIPAA and security annually. Internal review of these safeguards is done regularly to ensure compliance and for continual improvement.

Physical Safeguards
Bio-Optronics ensures that the data centers have implemented strict facility access policies and all necessary and appropriate controls. Strict policies are in place to ensure e-PHI is only housed in secure locations.

Technical Safeguards
Bio-Optronics has implemented appropriate technical safeguards including authentication and authorization for our employees and for user of our applications. Appropriate auditing and integrity controls are in place. All data transmissions to the data centers require encryption. Additional systems have been implemented where appropriate to ensure the highest level of security for our hosted applications.

Contact Information

Further documentation on specific policies and measures in place is available upon request. This Statement of HIPAA Compliance is meant for informational purposes only and not as a form of covenant, warranty, representation or guarantee of any kind. We encourage the use of Business Associate Agreements to address specific compliance requirements.

For further information, please contact us by one of the following methods:

E-mail: corporatecompliance@advarra.com

Mail:   Advarra Headquarters

6100 Merriweather Dr., Suite 600
Columbia, MD 21044

You can call the following telephone number: 410.884.2900

Read the Privacy Policy

Subscribe to our monthly email

Receive updates monthly about webinars for CEUs, white papers, podcasts, and more.

Subscribe

Advancing Clinical Research: Safer, Smarter, Faster

Copyright © 2024 Advarra. All Rights Reserved.