Security Policy

Effective Date: June 5, 2025

At Quality Paramedical Services, we take data protection and client privacy seriously. Our Security Policy outlines the measures we take to safeguard your personal, medical, and technical information while using our services or visiting our website.

1. Information Protection

We protect all collected information using administrative, technical, and physical safeguards. These include:

• Encryption of sensitive data during transmission (e.g., SSL/TLS for forms and secure email communication)

• Password-protected systems and secure authentication for employee access

• Role-based access controls to ensure only authorized personnel handle personal or medical information

• Data minimization to store only necessary information for the shortest required time

2. Secure Storage and Access

All personal and medical information is stored:

• In encrypted databases or secure physical files with limited access

• On servers or systems protected by firewalls and intrusion detection systems

• With access restricted to authorized phlebotomists, nurses, or administrative staff who require it to fulfill their duties

3. Employee Training and Accountability

All team members undergo:

• Confidentiality training and sign data privacy agreements

• HIPAA-compliance education for handling medical data

• Regular reviews of internal security protocols and incident response procedures

Employees who violate these security policies are subject to disciplinary action, up to and including termination.

4. Website and Application Security

• Our website uses HTTPS to secure all communication

• We regularly scan for malware, vulnerabilities, and unauthorized access attempts

• We apply regular updates and patches to all hosting systems, software, and plugins

5. Incident Response and Breach Notification

In the event of a data breach or unauthorized access:

• We will immediately investigate and contain the incident

• Affected individuals will be notified promptly as required by applicable law (e.g., HIPAA or state regulations)

• We will work with appropriate cybersecurity professionals to resolve vulnerabilities and prevent recurrence

6. Client Responsibility

To help maintain data security:

• Do not share sensitive personal or medical information through unsecured channels (e.g., public Wi-Fi or social media)

• Always verify our communications come from a legitimate @qualityparamedicalservices.com domain

• Contact us immediately if you suspect misuse of your data or unauthorized contact claiming to represent us

7. Policy Updates

This Security Policy may be updated periodically. All changes will be posted on this page with an updated effective date.

8. Contact Us

If you have any questions or concerns regarding our security practices, please contact:

Quality Paramedical Services

contact@qualityparamedicalservices.com

716-343-5835

Security Policy