ConnectVirginia Statement on Privacy and Security

ConnectVirginia takes its responsibility in maintaining the privacy and security of protected health information (PHI) very seriously. The Health Insurance Portability and Accountability Act of 1996 (HIPAA), among other federal and state laws, requires covered entities to protect the privacy and security of PHI. While ConnectVirginia is not a covered entity, it is a business associate of its client health care providers. It is through this business associate relationship with its clients that HIPAA and other laws become applicable to ConnectVirginia.

To fulfill its commitments as a business associate and recognizing that compliance with privacy laws is of the utmost importance to its clients and stakeholders, ConnectVirginia has implemented many policies and procedures as well as proactive, preventative security features. State-of-the-art systems and the latest technical standards are employed to secure records to the greatest degree possible and prevent access by unauthorized persons.