Effective 03/03/2023
We welcome you to www.acubliss.app operated by DynaBliss, Inc. In the below HIPAA Compliance Statement, we inform you about the use or disclosure of protected health information, when you as Health Care Provider or Client of a Health Care Provider (collectively “customer”) use AcuBliss.
At DynaBliss, we take all necessary measures to comply with the most stringent privacy and security regulations, including the U.S. Health Insurance Portability and Accountability Act (“HIPAA”) of 1996. The AcuBliss platform is designed to enable our customers to comply with such requirements under applicable patient privacy laws. In addition, DynaBliss takes all reasonable steps to keep the use or disclosure of protected health information to an absolute minimum in order to provide the promised services to its customers.
What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) establishes two important rules for your practice in connection with the use of DynaBliss, namely the security provision and the privacy provision.
Both are established under a general HIPAA category called the Administrative Simplification Act and mutually the provisions affect the transmission, storage, and management of patient information.
The security provision’s purpose is to protect confidential medical information and establishes guidelines to facilitate the storage, maintenance, and transmission of protected health information in a "secure electronic environment". This includes administrative procedures and physical safeguards, as well as technical measures to control and monitor access to protected health information and prevent unauthorized access to data during transmission.
The privacy rule addresses the use and disclosure of protected health information and requires all practices to comply with and to make reasonable efforts to limit the use and disclosure of such protected health information by staff to the "minimum necessary" to perform their jobs.
Further, it is expected to limit the likelihood of "inadvertent disclosure" to individuals for whom there is no reasonable need to know as a matter of law and of course a log of disclosures of certain protected health information that is not directly related to the patient's care must be maintained.
What is AcuBliss?
If you are a healthcare provider, the Services provide you with practice management tools to schedule appointments, chart patient notes, track important demographic and insurance information, bill patients, manage inventory, communicate with patients, and view relevant reporting data about your practice.
The AcuBliss platform is designed with specific features to help our customers comply with HIPAA regulations and uses a relational database that employs a secured username and password login process. Which means that users must have specific access rights, such as to edit or add data, or are denied access to certain data, and when a user adds or changes data in the database, a record is created indicating the change (the revision log).
Customer Support
Business partner
HIPAA Policy
To implement these requirements for business associates and to protect the confidentiality and integrity of patient data received, our HIPAA Policy sets forth the following:
It provides that DynaBliss will retrieve and use confidential patient data provided by its customers only to the extent necessary to perform customer service and support.
It restricts access to such data to those employees and agents who provide specific service and support.
It prohibits the disclosure of patient data provided by customers to anyone who is not an employee or agent of DynaBliss, unless specifically authorized by DynaBliss and by the customer and/or patient, as appropriate.
It requires all DynaBliss employees and agents to report any use or disclosure of patient data in violation of this Policy.
It provides that DynaBliss will investigate all reports that patient data has been used in a manner not permitted by this Policy and will impose appropriate sanctions on conduct prohibited by the policy.
It specifies that DynaBliss employees who may come into contact with patient data receive training on DynaBliss' privacy and security regime and policies and the importance of protecting the confidentiality and security of patient data.
It provides for transferring patient data provided by customers in a secured manner so that the integrity, confidentiality and availability of the data is protected.
Your HIPAA Rights
When it comes to your health information, you have additional rights. To exercise any of these rights, contact us at the contact information listed above.
In particular:
You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you.
You can ask us to correct health information about you that you think is incorrect or incomplete.
You can ask us to contact you in a specific way (for example, home or office phone) or at a specific location (for example, to send mail to a different address).
You can tell us your choices about what we share.
You can ask us to limit what we use or share
You can get a list of those with whom we have shared information
You can get a copy of this Notice
You can choose someone to act for you
You can file a complaint if you feel your rights are violated
Our Recommendations
DynaBliss has put together some suggestions to help ensure that your patients' data are managed by your practice in a responsible and HIPAA-compliant manner when using the AcuBliss platform:
Be sure to obtain explicit (preferably written) permission from your patients to use the AcuBliss platform.
Keep your passwords in a secure location that unauthorized staff and patients cannot access.
Set up user accounts for your computers that require users to log in with a password.
Always lock or log out of your AcuBliss account when not in use.
Use unique identifiers for your patients when using AcuBliss to increase privacy.
Develop standard procedures under which every handling of patient images must be documented.
Keep your laptop, computer and digital camera within your practice in a secure location with limited access.
Keep a copy of your AcuBliss User Agreement (issued at the time you subscribe to AcuBliss).
In addition to complying with HIPAA security recommendations, DynaBliss adheres to the FTC's Security by Design Guidelines:
Data security is carefully assessed for each component of the AcuBliss platform;
Data is encrypted both in transit and at rest;
AcuBliss uses two-factor authentication;
AcuBliss is protected against common vulnerabilities; and
Our team keeps up to date with new vulnerabilities and keeps the software updated accordingly.
Network Protection
Controlled Employee Access
User Passwords
Encryption
Physical Security
Access tracking and disclosure
Does this Compliance Statement change?
Who should I contact for more information?
DynaBliss, Inc.
2226 MacArthur Blvd, #27505,
Oakland, California 94602, USA
Web: www.acubliss.app
E-Mail: privacy@dynabliss.com
This HIPAA Compliance Statement was last updated on Friday, March 03, 2023