HIPAA Compliance
FirstImpact Med protects patient health information through administrative, technical, and physical safeguards designed to support HIPAA privacy and security requirements.
Administrative Safeguards
Policies, role-based access, confidentiality obligations, and documented procedures guide how protected health information may be used, disclosed, and handled.
Technical Safeguards
Protected systems use access controls, secure transmission, encryption where information is stored, and activity monitoring designed to reduce unauthorized access.
Physical Safeguards
Devices, workspaces, and account access are managed to limit exposure of patient information to authorized team members with a business or clinical need.
Staff Training
Team members who handle patient information receive HIPAA-focused training and must follow confidentiality, minimum-necessary, and incident-reporting procedures.
Our HIPAA Commitment
FirstImpact Med handles patient information using a minimum-necessary approach. We use privacy and security safeguards designed to protect protected health information during intake, physician review, documentation, billing, and authorized record access.
Your Rights Under HIPAA
Under HIPAA, you have the right to:
- Access your medical records
- Request corrections to your health information
- Request restrictions on certain uses or disclosures
- Request confidential communications
- Receive an accounting of certain disclosures
- Receive a copy of our Notice of Privacy Practices
- File a privacy complaint if you believe your rights have been violated
Notice of Privacy Practices
Our Notice of Privacy Practices explains how we may use and disclose protected health information for treatment, payment, health care operations, legally required disclosures, and other permitted purposes. It also explains patient rights and how to contact us with privacy questions. A copy is provided during onboarding and is available upon request.
Business Associates
Vendors and service providers that create, receive, maintain, or transmit protected health information for FirstImpact Med are reviewed for HIPAA fit and, where required, must sign a Business Associate Agreement before accessing PHI.
Breach Notification
If we discover a breach involving unsecured protected health information, we will investigate, take corrective action, and provide required notifications in accordance with applicable HIPAA breach notification requirements.
Contact Our Privacy Officer
For privacy questions, requests, or complaints, contact FirstImpact Med at admin@firstimpactmed.com. If your message contains sensitive health information, use the secure portal when available. Do not use email for emergencies; call 911 or go to the nearest emergency room.