HIPAA Statement
As a leader in cloud-based physician referral and patient engagement applications, Leading Reach, Inc., including its subsidiaries and affiliates (“LeadingReach”), understands the need to treat patient information in a manner that protects the privacy and security of protected health information (PHI).
In order to protect PHI, LeadingReach has taken the following steps to handle and protect all PHI in the manner specified by the Health Insurance Portability and Accountability Act (“HIPAA”):
- LeadingReach does not use, access, or disclose PHI unless it’s necessary to provide services to its customers in a manner consistent with its contractual commitments or as required or allowed by law.
- LeadingReach has adopted corporate policies that protect the privacy and security of PHI. These policies detail, among other things, the appropriate access, handling, and security measures that LeadingReach has set for the protection of PHI stored in its cloud or accessed by its employees when delivering services to its customers.
- LeadingReach has implemented reasonable and appropriate safeguards intended to maintain the security and integrity of electronic PHI under its control. These safeguards at a minimum meet the required implementation specifications contained in the HIPAA Security Rule.
- LeadingReach encrypts PHI where encryption is a reasonable and appropriate safeguard, and in accordance with its contractual commitments. When encryption of PHI is not possible, such as in those circumstances where such encryption would materially affect the performance or use of the LeadingReach services, LeadingReach endeavors to have other reasonable and appropriate measures to safeguard the PHI.
- LeadingReach requires all subcontractors that may access PHI to provide written assurances that they will handle PHI in compliance with the HIPAA requirements applicable to subcontractors.
- LeadingReach does not sell PHI.
- LeadingReach has established processes to identify and respond to potential security incidents affecting PHI and a Breach of Unsecured PHI.
- LeadingReach policies and procedures are communicated to all employees that may handle or access PHI as part of LeadingReach’s HIPAA training program. LeadingReach requires all employees to sign confidentiality agreements. LeadingReach employees are subject to sanctions in the event they violate these policies, procedures, or confidentiality agreements.
- LeadingReach has adopted other policies and practices as necessary to meet its contractual commitments to customers and/or as required by law.
- LeadingReach is committed to maintaining its compliance with HIPAA and will adjust the policies and procedures listed above as laws affecting PHI evolve.