HIPAA Compliance

Our commitment to protecting your health information

Our Commitment to HIPAA Compliance

Trial Chimp is committed to maintaining the privacy and security of your Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.

What is HIPAA?

HIPAA is a federal law that establishes national standards for the protection of sensitive patient health information. It requires organizations that handle PHI to implement physical, technical, and administrative safeguards to ensure confidentiality, integrity, and availability of health data.

How We Protect Your Health Information

Administrative Safeguards

  • Designated Privacy and Security Officers oversee HIPAA compliance
  • Regular workforce training on privacy and security practices
  • Documented policies and procedures for handling PHI
  • Business Associate Agreements with all third-party vendors
  • Regular risk assessments and compliance audits

Physical Safeguards

  • Secure data center facilities with controlled access
  • Environmental controls to protect hardware
  • Secure workstation policies
  • Proper disposal of devices containing PHI

Technical Safeguards

  • End-to-end encryption for data in transit and at rest
  • Unique user identification and authentication
  • Automatic logoff and session management
  • Audit controls and activity logging
  • Data integrity verification
  • Secure backup and disaster recovery procedures

Your Rights Under HIPAA

As a user of Trial Chimp, you have the following rights regarding your health information:

Right to Access

You have the right to view and obtain a copy of your health information that we maintain. You can access most of this information directly through your dashboard.

Right to Amend

If you believe your health information is incorrect or incomplete, you have the right to request amendments. We will respond to amendment requests within 60 days.

Right to an Accounting of Disclosures

You have the right to receive a list of instances where we have disclosed your health information for purposes other than treatment, payment, or healthcare operations.

Right to Request Restrictions

You may request restrictions on how we use or disclose your health information. While we will consider all requests, we are not required to agree to restrictions that would impair our ability to provide services.

Right to Confidential Communications

You can request that we communicate with you about your health information in a specific way or at a specific location.

Right to File a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights.

How We Share Your Information

We only share your health information in the following circumstances:

  • With your authorization: When you apply to a clinical trial, we share relevant health information with the research institution
  • For treatment: With healthcare providers involved in your care
  • As required by law: When legally obligated to disclose information
  • For public health activities: As permitted by HIPAA regulations

Breach Notification

In the unlikely event of a breach of your unsecured PHI, we will notify you as required by the HIPAA Breach Notification Rule. Notification will be provided within 60 days of discovering the breach.

Contact Our Privacy Officer

If you have questions about our HIPAA practices or wish to exercise your rights, please contact our Privacy Officer:

  • Email: hipaa@trialchimp.com
  • Phone: 1-800-TRIALS (ask for Privacy Officer)
  • Mail: Privacy Officer, Trial Chimp, 123 Innovation Way, San Francisco, CA 94105

Filing a Complaint

You may also file a complaint with the U.S. Department of Health and Human Services:

  • Online: www.hhs.gov/hipaa/filing-a-complaint
  • Phone: 1-800-368-1019

We will not retaliate against you for filing a complaint.