We understand that most of our U.S. customers are “Covered Entities” under the Health Information Portability and Accountability Act (“HIPAA”) privacy regulations. As a HIPAA Covered Entity, our customers are legally obligated to maintain the privacy of all patient information that they create or receive. AB has departments and components (“Health Care Components”) that perform or support the functions of a Covered Entity – specifically the supplier function that distributes auditory accessories and submits claims for them (“Covered Functions”). AB also has departments and components (“Non-Health Care Components”) that perform non-Covered Functions. As such, the rules promulgated pursuant to the HIPAA permit AB to designate itself as a “Hybrid Entity” and only cause its Health Care Components to comply with the HIPAA rules. We recognize the impact that the HIPAA privacy regulations have on our customers. We wanted to take this opportunity to let you know that AB remains committed to interacting with you and your patients as responsible professionals who are dedicated to maintaining the privacy of information that we receive on-the-job, consistent with applicable law and regulations.
To perform our jobs, AB employees may create, develop or receive information about patients’ experiences with our medical devices in a variety of situations, including:
- We provide information or technical support for our products.
- We receive questions and suggestions about our products and services from patients, nurses, physicians and other health care providers.
- We enroll patients in clinical trials we sponsor.
- We collect information as required by the FDA and other governmental authorities relating to the quality, safety and efficacy of our devices.
- We collect, analyze and re-analyze our data in a continuous effort to improve the design, quality and functioning of our devices.
We have made available to our sales and marketing employees training materials on the HIPAA privacy regulations, and expect our employees to respect our customer’s explicit and implicit instructions regarding incidental exposure to protected health information while visiting a customer’s site.