Last updated: February 2026
SS Support Network LLC is fully committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA). As a business associate to covered entities in the healthcare and NEMT industries, we maintain comprehensive safeguards to protect the confidentiality, integrity, and availability of protected health information (PHI).
Our administrative controls include a designated HIPAA Privacy and Security Officer, comprehensive workforce training upon hire with annual recertification, documented policies and procedures for PHI handling, regular risk assessments and security audits, incident response and breach notification procedures, and workforce sanctions for policy violations.
We maintain physical security through controlled facility access with badge-based entry systems, workstation security policies and clean desk requirements, secure disposal of physical media containing PHI, environmental controls including fire suppression and climate management, and visitor logging and escort procedures.
Our technical protections include end-to-end encryption for data in transit (TLS 1.2+) and at rest (AES-256), multi-factor authentication for all systems accessing PHI, role-based access controls with principle of least privilege, automated session timeouts and account lockouts, comprehensive audit logging and monitoring, and regular vulnerability scanning and penetration testing.
We execute Business Associate Agreements (BAAs) with all covered entity clients before handling any PHI. Our BAAs clearly define permitted uses and disclosures, require breach notification within regulatory timeframes, establish data return and destruction procedures, and ensure subcontractor compliance.
In the event of a breach of unsecured PHI, SS Support Network will notify the affected covered entity without unreasonable delay and no later than 60 days after discovery. We maintain a documented breach response plan that includes containment procedures, investigation protocols, notification timelines, and remediation measures.
All employees handling PHI complete comprehensive HIPAA training before their first day of service. Training covers privacy and security rules, proper PHI handling procedures, breach identification and reporting, patient rights under HIPAA, and penalties for non-compliance. Annual refresher training and ongoing compliance monitoring ensure sustained adherence.
For questions about our HIPAA compliance practices or to request a copy of our policies, contact our Privacy Officer at info@sssupport.net or +1 (657) 777-0006.