HIPAA Compliance Statement NexCure LLC

At the NexCure LLC, confidentiality, integrity, and security of all the Protected Health Information (PHI) that we deal with on behalf of our clients is our priority. Being a reputable supplier of Revenue Cycle Management (RCM) services, medical billing as well as healthcare support options, we work in complete adherence to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and all related HITECH (Health Information Technology for Economic and Clinical Health Act) mandates.

Our organization is fully aware of the essence of data protection in the field of healthcare. This is the reason why we have introduced powerful administrative, physical, and technical measures so that we can be compliant and keep practicing the highest degrees of trust with our clients and their patients.

In our HIPAA compliance commitment we cover

NexCure LLC watches its federal and state-based HIPAA activities every day. These have been changes in connection with the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, and standardized transaction/code sets.

The safety of all systems that operate PHI is guaranteed by the use of secure user authentication, role-based access, data encryption, firewall protection, anti-malware software, and multi-factor authentication. Only designated employees can get access to the sensitive data and every activity is logged and monitored.

Any used platform, both within the company and delivered to the clients, is tested to ensure maximum HIPAA compliance. These are our billing software, EHR integrations, secure messaging and patient portal. We continuously review the vendors of software and perform security risk analysis.

All products and services will be designed or coded with privacy and security as part of its fundamental system design in accordance with industry best practices and HIPAA minimum necessary standard.

Every NexCure employee, contractor, and associate is required to have HIPAA training during onboarding and in recurring basis. Employees are taught on how to recognise and report cases of security and also there is a compulsory signing of the confidentiality agreement by all members of the workforce.

All the covered entities and subcontractors with whom we engage in BAAs specifically define our shared roles and obligations to HIPAA as well as our data security commitments as listed in 45 CFR 164.502 (e).

NexCure LLC has a well-designed incident response plan in the case of an unauthorized access or a possible breach. We evaluate, confine and inform clients as per the rules of HIPAA Breach Notification.

This Notice is about the ways that NexCure LLC can apply and share protected health information (PHI) and how the clients and individuals can access their information. We take up the responsibility of maintaining health information as confidential and secured as per HIPAA regulations.

How We Can Make Use and Disclose PHI

We are allowed to employ and divulge the PHI as the following:

In case of Payments and Billing Operations

We do claims processing, post payments, handle denials, engage in patient billing, and maintain work on accounts receivable by utilizing PHI to promote reimbursement precision and a lower rate of administrative demands on the providers.

In regard to Healthcare Operations

PHI can be utilized internally to undertake data analytics, audit, process improvement, training, compliance, credentials facilities, and other related services in the enhancement of healthcare activities.

Dear Business associates

Since NexCure LLC is a business associate of covered healthcare entities, it will be allowed to obtain, utilize and divulge PHI in as much as it is required to carry out services. HIPAA-compliant Business Associate Agreements also apply to all the subcontracts we deal with.

Right to make complaint

In case you feel that your privacy rights were infringed, you can deliver a complaint to the compliance officer of the NexCure LLC or alternatively, you can submit the complaint to the U.S. Department of Health and Human Services (HHS). Nobody will be punished because he or she has filed a complaint.

In cases required by Law

There is also the possibility that PHI can be shared when legally required, such as in communicating with health departments or when dealing with legal states, law enforcement investigations, or avoiding grave danger to health or safety.

And modifications of this Policy

NexCure LLC gives the right of altering this HIPAA Compliance Statement and Notice of Privacy Practices anytime. These changes will be announced on our official website, and potential clients might receive notifications about it through emails or through service updates. Any further usage of our services accept the changes in the terms.

    Get Free Practice Audit