HIPAA Compliance
How we protect health information with HIPAA-conscious workflows across the revenue cycle.
Last updated: July 2026
Our commitment to HIPAA
Nex Records is committed to protecting the privacy and security of health information. Because revenue cycle management involves handling sensitive data, we operate with HIPAA-conscious workflows designed to safeguard protected health information (PHI) at every stage of the revenue cycle.
Safeguards we maintain
Our approach to protecting health information includes:
- Administrative safeguards — role-based access, workforce training and documented policies.
- Technical safeguards — encryption of data in transit, access controls, authentication and activity monitoring.
- Physical and operational safeguards — restricted access to systems and secure handling of information.
- Minimum necessary principle — staff access only the information required to perform their role.
Business Associate Agreements
When we provide revenue cycle services that involve PHI, we do so under a Business Associate Agreement (BAA) with the covered entity, as required by HIPAA. The BAA defines the permitted uses of PHI and our obligations to protect it.
Website and PHI
This public website does not collect patient data. Please do not submit any PHI through our website forms — they are intended for business inquiries only. PHI is only handled within secure service workflows governed by a signed agreement, never through this website.
Breach response
We maintain incident-response procedures to detect, contain and respond to security events. In the event of a reportable breach involving PHI, we follow applicable notification requirements and coordinate with the affected covered entity.
Shared responsibility
HIPAA compliance is a shared responsibility between healthcare providers and their business associates. We provide the safeguards described here as part of our services; providers remain responsible for their own compliance obligations. This page describes our practices and is not a certification.
Questions?
Contact us about this policy at:
Vaishnav@Nex-Records.comNex Records, 8 The Green, STE D, Dover, County of Kent, Delaware 19901, United StatesThis page is maintained by Nex Records to explain how we handle information on this website. It is provided for transparency and is not legal advice. See our Privacy Policy, Terms of Service and HIPAA Compliance pages for related details.