Corterve

HIPAA Compliance

Your health information deserves the highest level of protection. Here's how we ensure HIPAA compliance.

Our Commitment

Corterve is fully committed to compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). We understand that protecting your Protected Health Information (PHI) is not just a legal requirement—it's a fundamental responsibility that enables the trust necessary for our mission.

SOC 2 Type II Certification In Progress

We are actively working toward independent security audit certification.

Technical Safeguards

  • 256-bit AES encryption at rest and in transit
  • Multi-factor authentication for all accounts
  • Automatic session timeouts
  • Complete audit logging of all PHI access

Physical Safeguards

  • HIPAA-compliant cloud infrastructure (AWS)
  • Data centers with 24/7 security monitoring
  • Secure workstation policies
  • Geographic redundancy and disaster recovery

Administrative Safeguards

  • Designated Privacy and Security Officers
  • Annual HIPAA training for all employees
  • Business Associate Agreements with all vendors
  • Regular risk assessments and policy reviews

Breach Response

  • Documented incident response procedures
  • Timely breach notification as required by law
  • 24/7 security monitoring and alerting
  • Regular penetration testing

Your Rights Under HIPAA

As a patient, you have the right to:

  • 1.Access your PHI — Request a copy of your health information we maintain.
  • 2.Request amendments — Ask us to correct inaccurate information.
  • 3.Accounting of disclosures — Receive a record of who your PHI has been shared with.
  • 4.Request restrictions — Ask for limits on how we use or share your information.
  • 5.Confidential communications — Request we contact you in a specific way.

Questions or Concerns?

If you have questions about our HIPAA compliance practices or wish to exercise your rights, please contact our Privacy Officer.

Contact Privacy Officer