OpenMetal, Inc.
HIPAA and HITECH Compliance Information

Last Updated: March 14, 2025

As a provider of cloud and dedicated bare metal services, OpenMetal understands the critical importance of data security and privacy, especially for our customers in the healthcare industry. While OpenMetal is not a covered entity under HIPAA, we recognize our role as a “Business Associate” and are committed to upholding the highest standards of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act, which define the policies, procedures, and processes required for companies that store, process, or handle electronic protected health information (ePHI).

Here’s how we ensure our good faith effort toward HIPAA and HITECH compliance:

  • Robust Security Framework: Our security and privacy policies are grounded in the ISO 27001:2022 Information Security Management System (ISMS) framework. This internationally recognized standard provides a comprehensive approach to managing information security, encompassing all aspects of confidentiality, integrity, and availability.
  • Proactive Security Measures: We maintain rigorous logical and physical security controls to protect sensitive data. Our business continuity plans ensure resilience in the face of disruptions, and we actively monitor legal and contractual compliance.
  • Comprehensive Policies and Procedures: We have documented policies and procedures for all key work groups and functional areas, including those specific to HIPAA/HITECH. These documents are regularly reviewed and updated to reflect industry best practices and regulatory changes.
  • Incident Response and Breach Notification: We have a well-defined process for recording, resolving, and closing security incidents. In the event of a Protected Health Information (PHI) or Personally Identifiable Information (PII) data breach, we have established procedures for notification and regulatory advisement, ensuring prompt and appropriate action.
  • Regular Security Assessments: OpenMetal conducts periodic HIPAA/HITECH Security Assessments to evaluate our compliance posture and identify areas for improvement. These assessments help us proactively address potential vulnerabilities and maintain the highest level of security for our customers’ data.

OpenMetal is dedicated to providing a secure and compliant environment for our customers. By adhering to HIPAA and HITECH standards, we aim to build trust and confidence in our services, enabling our customers to focus on their core mission of delivering quality goods and services.

To learn more about our specific security measures and how we protect your sensitive data, please contact us:

OpenMetal, Inc.

Attn: Compliance and Legal

555 S. Independence Blvd.

Virginia Beach, VA 23454

legal@openmetal.io 

By submitting a request, you agree to the terms of the Privacy Policy regarding your personally identifiable information.