212-481-4040
Apply Now

Privacy Policies & Breach Notification

Privacy Policies

BK Healthcare Management LLC is committed to protecting the privacy, integrity, and confidentiality of Protected Health Information (PHI) in accordance with HIPAA regulations. These policies define how PHI is handled, safeguarded, and disclosed across all operations.

Administrative, Technical, and Physical Safeguards

The organization implements appropriate safeguards to protect PHI from misuse, loss, unauthorized access, or disclosure.

  • Secure storage and restricted access to PHI
  • Workforce training and policy compliance
  • Encryption and secure transmission practices
  • Controlled handling of physical documents
  • Proper disposal of PHI (e.g., shredding)

Breach Notification Policy

In the event of a data breach involving PHI, BK Healthcare follows strict procedures to assess, document, and notify affected parties in accordance with HIPAA requirements.

  • Notification to affected individuals within 60 days
  • Reporting to the U.S. Department of Health & Human Services (HHS)
  • Media notification when breaches affect 500+ individuals
  • Documentation and compliance tracking for all incidents

Incident Response & Breach Determination

All suspected privacy or security incidents must be reported immediately and investigated to determine whether a breach has occurred.

  • Mandatory reporting within 24 hours
  • Risk assessment of PHI exposure
  • Mitigation and corrective actions
  • Maintenance of incident logs and documentation

Business Associate Compliance

All third-party vendors handling PHI must enter into Business Associate Agreements (BAAs) and comply with HIPAA requirements.

  • Vendor risk evaluation and monitoring
  • Mandatory breach reporting by partners
  • Data protection and access controls

Privacy Complaints

Individuals have the right to file complaints regarding privacy practices or HIPAA compliance. All complaints are reviewed and resolved in a timely manner.

  • Complaints accepted via phone, email, or in person
  • Formal logging and investigation process
  • Protection against retaliation

Individual Rights Under HIPAA

BK Healthcare ensures individuals can exercise their rights regarding their health information.

  • Access and obtain copies of PHI
  • Request corrections or amendments
  • Receive an accounting of disclosures
  • Request restrictions on certain uses

HIPAA Privacy Program

The organization maintains a structured HIPAA Privacy Program to ensure ongoing compliance.

  • Designation of a Privacy Officer
  • Workforce training and policy enforcement
  • Regular audits and updates to policies
  • Documentation retention (minimum 6 years)