SVL HIPAA COMPLIANCE STATEMENT
Smart Vision Labs, Inc. (SVL) is committed to and has implemented many safeguards to ensure its devices, services, websites and data systems (collectively “Products”) are compliant with the regulations and conditions set forth in the Health Insurance Portability and Availability Act of 1996 (HIPAA). SVL is committed to continuous improvement to ensure SVL Products incorporate state-of-the-art information technology privacy and security measures.
As a “Business Associate” per the definition in the HIPAA Act, and by assignment of the HIPAA covered entity, SVL is subject to the following controls:
Administrative Safeguards (HIPAA 164.308). SVL has implemented policies to ensure appropriate assignment of data access permissions and proper movement and handling of that data. HIPAA training is an annual mandated event for all staff, as well as annual review of policy effectiveness during internal or 3rd party auditing of our Products.
Physical Safeguards (HIPAA 164.310). SVL’s primary physical safeguard is to not retain sensitive data in any public or private SVL location other than those assigned for database management and quality assurance activities. Specific workstation usage, disposal, reuse and security measures are in place. Access to SVL facilities are all independently controlled via card access preventing walk-up intrusion. SVL’s data center uses a cloud based architecture with inherent security measures including 24 hours monitoring, advanced fire protection systems, uninterruptible power and database redundancy. Annual audit of the facility security plan, disaster recovery plan, and contingency plans are in place.
Technical Safeguards (HIPAA 164.312). To further protect sensitive data, SVL enforces unique software architecture that includes user identifications, various database audit logging, data integrity systems and verified backups, entity authentication programs, digital certificates, various levels of encryption and other custom architecture to further obscure sensitive data from threats.