HIPAA / HITECH Assessment

HIPAA COMPLIANCE STATEMENT

Updated October 18, 2023

Brian L Tuttle, Inc

PO Box 113

Swainsboro, GA 30401-0113

brian@hipaa-consulting.com

www.hipaa-consulting.com

On October 18th, 2023, I conducted a HIPAA/HITECH Security Risk Assessment for Spinal Technology, LLC doing business out of 191 Mid Tech Dr., West Yarmouth, MA 02673. This assessment was performed to evaluate and assess compliance of systems, policies and procedures against the 18 Standards and 44 Implementation Specifications of the HIPAA/HITECH Security Rule. Based on my review of the organization’s systems and through interviews with key staff members, risks relating to the Administrative, Physical, and Technical Standards for securing electronic protected health information (EPHI) are mitigated to reasonable and appropriate levels through current controls and procedural changes enforced by policy. This audit is part of the organization’s ongoing HIPAA/HITECH compliance effort. As policy, a third-party external HIPAA/HITECH Security audit (or an internal HIPAA/HITECH Security audit) is conducted on a periodic basis or whenever any major technical, procedural, or legislative changes occur to ensure the organization is taking reasonable and appropriate actions regarding the security of electronic protected health information.

Questions regarding our HIPAA policies or compliance may be directed to:

Kathryn Perry, HIPAA Privacy Officer
compliance@spinaltech.com.