Exco InTouch, a provider of patient engagement and data capture solutions for clinical research and healthcare providers, has announced that it has successfully undergone and completed an independent audit to assess compliance utilizing the National Institute of Standards and Technology (NIST) guidelines for Health Insurance Portability and Accountability Act (HIPAA), formally completing the independent auditing process for Privacy & Security.

HIPAA rules constitute a set of regulations from the HHS relating to any Protected Health Information (PHI) that identifies health or financial data of U.S. citizens stored on computer systems. The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities and their business associates to use to assure the confidentiality, integrity, and availability of electronic PHI. 

Dale Jessop, chief technology officer at Exco InTouch, said, “Privacy, Security and the protection of personal information remain the highest priority for Exco InTouch. Whilst no formal certification for HIPAA exists, we have taken the approach to be independently audited against NIST guidelines for HIPAA, both on security and more recently privacy provides further reassurance to our customers that Exco InTouch business operations are aligned to comply with HIPAA standards.”

Tim Davis, CEO and co-founder of Exco InTouch, said, “I am extremely proud of the team involved throughout the audit process, and also that of the 64 HIPAA security citations and the 20 HIPAA privacy citations applicable to our business, no findings were reported." As a result of this audit, Exco InTouch customers (for whom the company provides mobile and digital patient engagement solutions), can continue to be assured that their programs comply with these stringent privacy and security safeguards.