How are LuxSci’s services HIPAA compliant
Who or what agency certifies that LuxSci's HIPAA compliant services truly meet HIPAA compliance standards?
Currently there is no organization that certifies any other organization as HIPAA compliant. Covered Entities can be audited by the department of Health and Human services at any time and face steep fines and or other negative consequences for data breaches or other HIPAA violations. LuxSci designates your account as HIPAA compliant in that we consider ourselves a HIPAA Business Associate of your organization and that we have configured and locked down your organization's use of our services to comply with our HIPAA Security Restrictions, which all meet or exceed the Technical Safeguards of the HIPAA Security Rule. LuxSci does not certify HIPAA compliance of services whose usage is largely in the organization's purview, such as web hosting, however, we provide strong recommendations and an infrastructure allowing for your organization to use these services in a HIPAA compliant manner.