APA complies with all applicable Federal and State regulatory standards.
APA has developed and implemented internal policies and procedures related to the use and disclosure of Personal Identifiable Information (PII) and Protected Health Information (PHI) that are compliant with HIPAA and HITECH standards.
All APA employees, contractors, and interns complete mandatory Privacy and Security Training with emphasis on ensuring proper collection and handling of consumer PII/PHI. Training is completed on the first day of work, and refresher education is mandated annually. Course completion and test results are tracked through APA’s Learning Management System. APA ensures that any agent, including a subcontractor, to whom PII/PHI is provided or from whom it is received, agrees to the same restrictions and conditions with respect to such information.
It is the policy of APA that personal information about consumers being screened for medical assistance programs will be collected only to the extent necessary to provide the services or benefit desired; that only appropriate information will be collected; and that the consumer shall understand the reason the information is being collected. APA complies with all state and federal security standards and applicable laws and regulations related to access and control of sensitive information.
Every APA computer is encrypted to ensure that sensitive information is only accessible to the registered user of that machine. In addition, APA ensures that our email communications containing PHI information are fully encrypted.
APA has implemented physical safeguards at our facilities, including security systems, key fobs for every building entry point, and controlled scheduled access for all employees.
“APA is committed to maintaining the highest standards of compliance and security.”
Advanced Patient Advocacy