Cort is dedicated to the protection of protected health information (PHI) as mandated by the Health Insurance Portability and Accountability Act (HIPAA). We understand the critical nature of maintaining the privacy and security of PHI, and have implemented robust measures that fulfill the requirements set forth by HIPAA and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Safeguarding PHI

Cort has established comprehensive internal controls and procedures that are rigorously monitored and regularly updated to ensure the privacy and security of PHI. These measures include physical, administrative, and technical safeguards that effectively protect PHI against unauthorized access, use, or disclosure.

We utilize advanced encryption methods during data transmission and storage. Our IT infrastructure is designed to secure PHI from unauthorized access, whether the data is at rest or in transit.

Cort conducts regular risk assessments to identify vulnerabilities in our PHI handling processes and implements necessary changes or enhancements to mitigate identified risks.

Business Associate Agreements (BAAs)

Cort is fully compliant with HIPAA’s requirement to execute Business Associate Agreements with all customers and applicable third parties. These BAAs formalize our commitments to safeguarding PHI, stipulating detailed obligations regarding data protection, breach notifications, and secure data access. We ensure that all our partners and third-party service providers who handle or have access to PHI are also compliant with HIPAA requirements, safeguarding data throughout our entire operation and business network.