HIPAA and FDA GxP (21 CFR Parts 11 and 820)

As a medical solution vendor to the US market you must require from your subcontractors compliance to HIPAA and GxP guidelines.

The BioT software development practices include the internal "HIPAA checklist" guidelines that ensure that every feature that is added to BioT is HIPAA eligible.

Internally BioT adheres to the following HIPAA policies:

1. Data Security Policy
2. Global Information Technology Policy
3. Disaster Recovery Policy
4. Business Continuity Plan
5. Use and Disclosure of PHI
6. Privacy Training
7. Sanctions for Privacy and Security Violations
8. Safeguarding/Retrieval of Service Record
9. Security of PHI
10. Breach Analysis
11. Security Management Process
12. Workforce Security
13. Information Access Management
14. Security and Awareness Training
15. Security Incident Reporting
16. Contingency Plan
17. Evaluation
18. Quality Access Controls
19. Workstation Use and Security
20. Device and Media Controls
21. Controls: Technical Safeguards
22. Integrity Controls
23. Person or Entity Authentication
24. Transmission Security
25. Risk Assessment & Risk Management
26. Facility Access Controls

BioT clients enjoy Business Associate Agreement (BAA) agreements with BioT that offload their cyber security and privacy liability.