HIPAA Compliance Statement

Our commitment to protecting patient information through industry-leading security and governance.

Last updated: 3/25/2026

Our Commitment to Security

At NexHealth Healthcare Marketing, we understand that protecting patient data is not just a regulatory requirement, but a fundamental trust between healthcare providers and their patients. We are fully committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Business Associate Agreements (BAA)

As a marketing and automation partner for healthcare facilities, NexHealth Healthcare Marketing acts as a Business Associate. We execute comprehensive Business Associate Agreements (BAAs) with all our covered entity clients before handling any Protected Health Information (PHI).

Technical Safeguards

  • Encryption: All PHI is encrypted both in transit (using TLS 1.2 or higher) and at rest (using AES-256 encryption).
  • Access Controls: We employ strict role-based access controls (RBAC) and multi-factor authentication (MFA) to ensure that only authorized personnel can access systems containing PHI.
  • Audit Logs: Comprehensive audit trails are maintained for all access to and modifications of PHI.
  • Secure Infrastructure: Our applications are hosted on HIPAA-compliant cloud infrastructure with dedicated security perimeters.

Administrative Safeguards

  • Employee Training: All NexHealth Healthcare Marketing employees undergo mandatory, rigorous HIPAA compliance training upon hire and annually thereafter.
  • Policies and Procedures: We maintain documented security policies and procedures that are regularly reviewed and updated.
  • Incident Response: We have a formal incident response plan in place to rapidly address and report any potential security breaches.

Physical Safeguards

While our operations are primarily digital, we ensure that any physical locations where our staff operate have appropriate security measures, including restricted access, clean desk policies, and secure disposal of any physical media.

Contact Our Privacy Officer

If you have any questions about our HIPAA compliance program or need to report a security concern, please contact our Privacy Officer at:
privacy@thenextgenhealth.com
3001 Skyway Cir N, Irving, TX 75038