Veteran Tools VETERAN TOOLS

HIPAA Compliance

Veteran Tools is committed to protecting your health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA Compliant

Our platform implements all required administrative, physical, and technical safeguards to protect your Protected Health Information (PHI).

Technical Safeguards

Data Encryption

  • AES-256 encryption for all PHI at rest
  • TLS 1.3 encryption for all data in transit
  • Encryption keys managed via Google Cloud KMS

Access Controls

  • Role-based access control (RBAC)
  • Unique user identification
  • Automatic session timeout (15 minutes)

Audit Controls

  • Comprehensive logging of all PHI access
  • Tamper-proof audit logs retained for 6 years
  • Real-time security monitoring and alerting

Integrity Controls

  • Data validation at all entry points
  • Automated backups with integrity verification
  • Version control for document changes

Administrative Safeguards

Security Risk Analysis

Regular assessment of potential risks to PHI confidentiality, integrity, and availability.

Workforce Training

All team members receive HIPAA privacy and security training upon hire and annually thereafter.

Incident Response Plan

Documented procedures for identifying, responding to, and reporting security incidents.

Business Associate Agreements

Signed BAAs with all third-party vendors who may access PHI, including cloud providers and AI services.

Physical Safeguards

Google Cloud Platform

All data is hosted on Google Cloud Platform, which maintains SOC 2 Type II, ISO 27001, and HIPAA compliance certifications. Data centers feature 24/7 security, biometric access controls, and environmental safeguards.

Data Center Redundancy

Data is replicated across multiple geographic regions to ensure availability and disaster recovery capabilities.

Your Rights Under HIPAA

As a user of Veteran Tools, you have the right to:

  • 1 Access your health information and request copies of your records
  • 2 Request amendments to your health information if you believe it is incorrect
  • 3 Receive an accounting of disclosures of your health information
  • 4 Request restrictions on certain uses and disclosures of your information
  • 5 File a complaint if you believe your privacy rights have been violated

Privacy & Compliance Contact

For questions about our HIPAA compliance practices or to exercise your privacy rights, please contact our Privacy Officer:

privacy@veterantools.org

Related Policies

Privacy Policy

How we collect, use, and protect your information

Terms of Service

Terms governing your use of our services

Last updated: January 25, 2026