Morrisville, North Carolina, USA 27560



HIPAA is the acronym for the Health Insurance Portability and Accountability Act of 1996, and the term is also frequently used to mean the many regulations, which have been published since 1996 under that law. The HIPAA regulations, including the much-publicized Patient Privacy and Security regulations, are a series of legislation that portray the US Government’s efforts to regulate the healthcare industry. HIPAA insists that any organization that stores or transmits patient information must take enterprise-wide steps to adhere to HIPAA's sweeping privacy, security and transactions standards. Essentially, HIPAA requires healthcare entities to ensure that they protect personal health information and the privacy rights of patients.


Under HIPAA’s Privacy Rule, Rainbow Health is a Business Associate. A Business Associate (BA) is any person(s) or entity, which performs a function or activity on behalf of a Covered Entity (CE) and involves the use or disclosure of Protected Health Information (PHI). At Rainbow Health, we are very serious about compliances. We have undertaken various steps and designed our process to ensure we are fully compliant. Our entire network is very secure. All clients' office records are temporarily stored behind a secure firewall before deletion and all electronic claims are securely encrypted for transmission. Your privacy and security are given the highest priority at Rainbow Health. Rainbow Health ensures that all the changes and updates made by HIPAA are properly and correctly communicated amongst the team to ensure highest standards of security and confidentiality.

The services at Rainbow Health are designed to assure HIPAA compliance in the following way:

  • Every employee at Rainbow Health enters into a confidentiality agreement, the terms of which state that they agree not to use, publish or disclose, or permit others to use, any confidential information they may come in contact with.
  • Violation of this agreement warrants termination and legal action.
  • Completely paperless environment – mainly for security and as a consequence, a ‘Go-Green’ initiative as well.
  • A dedicated Compliance Officer ensures compliance management processes, which are updated regularly and are stringently adhered to.