1️⃣ Data Encryption

All data, including PHI, claims, and communications, is protected by encryption:

• In transit: secured through SSL/TLS channels
• At rest: encrypted with AES-256 standards on protected servers

This ensures your information stays safe whether stored, processed, or transmitted.

2️⃣ Access Control

Access to data is based on roles and authorization:

• Only approved team members can access specific client files
• Multi-Factor Authentication (MFA) is required for all users
• Access logs are reviewed regularly
• All staff members sign confidentiality and HIPAA agreements

3️⃣ Secure Storage

All digital files are stored on HIPAA-compliant U.S. servers with ongoing backups.

• Data centers are monitored 24/7
• Physical access is restricted and verified
• Backup copies are safely stored in multiple locations

4️⃣ Network Security

We protect our systems with:

• Next-generation firewalls
• Real-time intrusion detection (IDS)
• Regular vulnerability checks and updates

These systems help prevent unauthorized access or data loss.

5️⃣ Vendor & Partner Compliance

Every vendor we work with must:

• Sign a Business Associate Agreement (BAA)
• Follow HIPAA and GDPR rules
• Pass yearly security and compliance reviews

We only use vendors that meet or exceed our own high standards.

6️⃣ Data Retention & Disposal

We keep client records only for as long as required by law or contract.
When data is no longer needed, it is permanently deleted or destroyed under NIST and HIPAA guidelines.

7️⃣ Staff Training & Awareness

All team members receive yearly HIPAA and cybersecurity training, including:

• How to handle PHI safely
• How to recognize data threats or phishing
• How to follow secure practices while working remotely

8️⃣ Incident Response Plan

If a data breach ever occurs:

• Affected systems are immediately isolated
• Clients are informed within legal timelines
• Root cause and preventive actions are taken
• Reports are submitted to management and, if needed, to authorities

9️⃣ International Data Protection

State Billing Services complies with:

• HIPAA (U.S.)
• GDPR (EU/UK clients)

This guarantees strong privacy and security for all clients, wherever they are located.

🔟 Transparency & Trust

We believe in honesty and openness.
Clients can request audit reports, compliance records, or details of our security systems anytime.
We never sell or share your data, and access remains fully under your control.

Contact for Security Concerns

📍 State Billing Services
160 East Wesmark Boulevard, Suite C, Sumter, SC 29150, USA

📞 Phone: +1 (839) 333-1367
📧 Email: info@statebillingservices.com