At NimSol LLC, we understand that your data, especially Protected Health Information (PHI), is your most valuable asset. As a U.S.-based medical billing and RCM company, we take every step to ensure your data remains private, protected, and fully compliant with healthcare regulations.
Our Commitment
We are committed to maintaining 100% HIPAA compliance and following all relevant U.S. and international data protection standards. Every claim, report, and communication handled by NimSol is protected using advanced security tools and strict internal protocols.
1️⃣ Data Encryption
All data, including PHI, claims, and client communications, is encrypted:
- In transit: through secure SSL/TLS channels
- At rest: using AES-256 encryption on protected servers
This ensures your data is safe whether it’s being stored, processed, or transmitted.
2️⃣ Access Control
We apply a role-based access system so that only authorized staff can view or manage specific client data.
- Multi-factor authentication (MFA) is mandatory for all users.
- Access logs are reviewed regularly to detect unauthorized activity.
- All employees sign strict confidentiality and HIPAA agreements.
3️⃣ Secure Storage
All digital records are stored on HIPAA-compliant U.S. servers with continuous backups.
- Data centers are protected with 24/7 monitoring.
- Physical access is restricted and verified.
- Backup copies are securely stored in multiple geographic locations.
4️⃣ Network Security
Our systems are protected through:
- Next-generation firewalls
- Real-time intrusion detection systems (IDS)
- Regular vulnerability assessments and security updates
These measures ensure no unauthorized access or data breach can compromise your information.
5️⃣ Vendor & Partner Compliance
Every third-party vendor we use (including RingCentral, hosting, and analytics providers) must:
- Sign a Business Associate Agreement (BAA)
- Follow HIPAA and GDPR standards
- Pass annual security reviews before renewal
We only partner with vendors that meet or exceed our own security standards.
6️⃣ Data Retention & Disposal
We retain client data only for as long as legally required or contractually agreed.
When data is no longer needed, it is securely deleted or destroyed following NIST and HIPAA guidelines.
7️⃣ Staff Training & Awareness
All NimSol employees receive annual HIPAA and cybersecurity training.
Training includes:
- Handling PHI responsibly
- Recognizing phishing and data threats
- Following security protocols when using remote systems
8️⃣ Incident Response Plan
In the rare event of a suspected data breach:
- Our security team immediately isolates affected systems.
- Clients are notified within the legally required timeframe.
- A root cause analysis is performed and corrective measures are implemented.
- A report is submitted to management and, if necessary, to authorities.
9️⃣ International Data Protection
Since NimSol operates in both the U.S. and UAE, we follow:
- HIPAA (U.S.)
- GDPR (EU/UK clients)
- Local UAE data protection laws
This ensures consistent security and privacy standards across all locations.
🔟 Transparency & Trust
We believe trust comes from clarity.
Clients can request details of our security measures, audit history, or compliance certifications at any time.
We never share, sell, or trade your data, and access is always under your control.
Contact for Security Concerns
📍 NimSol LLC – Head Office
26 A Dowling Rd, Albany, NY 12205, USA
🏢 Dubai Office
Building 26, Dubai Health Care City, UAE
📞 Phone: +1 (518)-960-0242
📧 Email: info@nimsol.us

