HIPAA & Compliance Notice
How we approach HIPAA-aligned operational practices in our work with U.S. healthcare practices.
Last updated: April 2026
Important clarification
There is no formal HIPAA certification for vendors, and we do not claim to be 'HIPAA certified.' We follow HIPAA-aligned operational practices appropriate for a business associate relationship and can walk you through our approach during onboarding.
Business Associate Agreements
When we provide services that involve access to Protected Health Information (PHI), we operate under a written Business Associate Agreement (BAA) with the covered entity, as required by HIPAA.
Operational practices
Our operational practices include role-based access controls, written internal procedures, workforce training, secure workstation requirements, and incident-response procedures appropriate for a business associate.
Public website forms
The forms on this website are for general business inquiries only. Please do not submit patient health information, claim details, insurance IDs, diagnosis information, or any patient-specific information through this website. PHI exchange, when relevant to an engagement, occurs through agreed secure channels — not through public web forms or general email.
Reporting concerns
If you believe an Aveniq team member has handled information improperly, please contact us using the details on our Contact page so we can review and respond.