Security & Compliance
Data Protection, Privacy, and Regulatory Compliance Program
Acuity Clinical Group maintains a focused, practical security and compliance posture appropriate for a small healthcare vendor. Our safeguards protect sensitive information, support operational reliability, and meet the expectations of our clinical and administrative partners.
Access Controls & Authentication
We use modern access‑control practices to protect systems and data:
Multi‑Factor Authentication (MFA) is required for all accounts.
Role‑based access ensures users only access what they need.
Administrative access is limited and monitored.
These controls reduce unauthorized access risk and align with current healthcare security expectations.
Data Encryption
Acuity protects sensitive information through industry‑standard encryption:
All data is encrypted in transit using TLS 1.2+.
All data is encrypted at rest using AES‑256.
This ensures confidentiality whether information is being transmitted or stored.
Email Security
We use modern email authentication to prevent spoofing and impersonation:
SPF, DKIM, and DMARC are implemented on our domain.
External email warnings help identify potential phishing attempts.
These measures significantly reduce email‑based security risks.
HIPAA Alignment
Acuity Clinical Group maintains HIPAA‑aligned administrative, technical, and physical safeguards. All staff complete annual HIPAA training, and we follow secure handling practices for PHI and ePHI.
We do not collect or store PHI through our public website.
Vendor & Partner Requirements
We maintain Business Associate Agreements (BAAs) with all vendors who may interact with PHI. We work only with partners who meet modern security and compliance standards.
Risk Assessment
Acuity conducts an annual risk assessment to evaluate safeguards, identify potential risks, and guide improvements in our security posture.
Incident Response
We maintain a concise incident‑response procedure outlining communication steps, containment actions, and recovery expectations. This ensures we can respond quickly and effectively if an issue arises.
Commitment to Security
Acuity Clinical Group is committed to maintaining a practical, reliable, and modern security posture that protects our partners and supports the operational needs of clinical environments.