Security Policy

Sync-Think Patient Privacy and HIPAA

We understand that most of our customers are “Covered Entities” under the Health Insurance Portability and Accountability Act (“HIPAA”) privacy and security regulations. As HIPAA Covered Entities, our customers are legally obligated to maintain the privacy of all patient information that they create or receive.

While Sync-Think is not a HIPAA Covered Entity, we recognize the impact that HIPAA privacy and security regulations have on our customers. Sync-Think remains committed to interacting with our customers and their patients as responsible professionals who are dedicated to maintaining the privacy of information that we receive on the job, consistent with applicable law and regulations.
To perform our jobs, Sync-Think employees may create, develop or receive information about patients’ experiences with our medical devices in a variety of situations, including:

– Providing information or technical support for our products
– Interacting with other members of the healthcare provider team regarding a particular patient’s diagnosis and treatment
– Receiving questions and suggestions about our products and services from patients, athletic trainers, nurses, physicians and other healthcare providers
– Enrolling patients in clinical trials we sponsor
– Collecting information as required by the FDA and other governmental authorities relating to the quality, safety and efficacy of our devices
– Collecting, analyzing and re-analyzing our data in a continuous effort to improve the design, quality and function of our devices
– Storing and analyzing patients’ Protected Health Information for our customers in a HIPAA secure cloud database

We have provided training materials on HIPAA to our employees and expect our employees to respect each customer’s explicit and implicit instructions regarding incidental exposure to protected health information while visiting that customer’s site.
If you have any questions or concerns, please contact us at HIPAA@syncthink.com.