HIPAA Compliance & Data Protection

Last updated: January 1, 2025

Our Commitment to HIPAA Compliance

Lime Health AI is committed to maintaining the highest standards of compliance with the Health Insurance Portability and Accountability Act (HIPAA). As a technology partner handling protected health information (PHI), we take our responsibility to safeguard patient data seriously.

Business Associate Agreements

Lime Health AI enters into Business Associate Agreements (BAAs) with all covered entities that use our services. These agreements outline our obligations for protecting PHI in accordance with HIPAA requirements.

Administrative Safeguards

We maintain comprehensive administrative safeguards including security management processes, assigned security responsibility, workforce security training, information access management, and security awareness programs for all employees.

Physical Safeguards

Our infrastructure is hosted on HIPAA-compliant cloud platforms with physical access controls, facility access controls, and workstation security measures that meet or exceed HIPAA physical safeguard requirements.

Technical Safeguards

We implement robust technical safeguards including:

  • AES-256 encryption for data at rest
  • TLS 1.2+ encryption for data in transit
  • Role-based access controls with least privilege principles
  • Unique user identification and authentication
  • Automatic session timeouts
  • Comprehensive audit logging and monitoring

Breach Notification

In the event of a breach involving PHI, Lime Health AI follows HIPAA breach notification requirements, including notification to affected covered entities within the required timeframe.

Regular Risk Assessments

We conduct regular risk assessments to identify potential vulnerabilities and threats to the confidentiality, integrity, and availability of PHI. These assessments inform our ongoing security improvement efforts.

Employee Training

All Lime Health AI employees receive HIPAA training upon hire and annually thereafter. Employees with access to PHI receive additional specialized training on data handling procedures.

Contact

For questions about our HIPAA compliance program, please contact our Privacy Officer at privacy@getlimeai.com.