HIPAA Compliance
OccDocs is designed from the ground up for HIPAA compliance. Our core architecture removes PHI at the source: encounter data is de-identified before it reaches storage, so we never store PHI.
Zero PHI Storage
No protected health information is ever written to our database. All encounter data is de-identified under the HIPAA Safe Harbor method (45 CFR §164.514(b)(2)) before processing, so the data our systems store and act on contains none of the Safe Harbor identifiers.
Safe Harbor De-identification
We remove all 18 categories of Safe Harbor identifiers: names; all elements of dates other than year (birth, admission, discharge and death dates), with ages over 89 aggregated into a single 90-or-older category; geographic subdivisions smaller than a state, including street address, city, county and ZIP code (a three-digit ZIP prefix may be kept only where it covers more than 20,000 people); phone and fax numbers; email addresses; Social Security numbers; medical record numbers; health plan beneficiary numbers; account numbers; certificate and license numbers; vehicle identifiers; device identifiers; URLs; IP addresses; biometric identifiers; full-face photographs; and any other unique identifying number, characteristic or code. Safe Harbor also requires that the entity performing the de-identification have no actual knowledge that the remaining information could be used to identify the individual (§164.514(b)(2)(ii)).
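The rules above have edge cases that a naive "drop the column" scrubber gets wrong: the birth year is normally allowed but must go for anyone over 89, ZIP codes keep three digits except for 17 low-population prefixes, and dates keep only the year. The following is an added example written for this page, not OccDocs code; the field names, record layout, helper names and the fictional sample records are assumptions made for the illustration.

```python
import re
from datetime import date

# Added example, not OccDocs code. Field names, the record layout and the
# sample records below are assumptions made for this illustration.

# Three-digit ZIP prefixes containing 20,000 or fewer people; the HHS Safe
# Harbor guidance (based on the 2000 Census) says these must become "000".
RESTRICTED_ZIP3 = {
    "036", "059", "063", "102", "203", "556", "692", "790", "821",
    "823", "830", "831", "878", "879", "884", "890", "893",
}

# Direct identifiers that are dropped outright (assumed field names).
DROP_FIELDS = {"name", "mrn", "ssn", "phone", "email", "street", "city"}

# Dates directly related to the individual: only the year may survive.
DATE_FIELDS = {"admission_date", "discharge_date"}

REFERENCE_DATE = date(2024, 3, 4)  # date against which age is computed


def zip_to_safe_harbor(zip_code: str) -> str:
    """Keep the first three digits of a ZIP, or '000' if that prefix is restricted."""
    zip3 = re.sub(r"\D", "", zip_code)[:3]
    if len(zip3) < 3 or zip3 in RESTRICTED_ZIP3:
        return "000"
    return zip3


def age_on(dob: date, reference: date) -> int:
    """Completed years between dob and reference."""
    years = reference.year - dob.year
    if (reference.month, reference.day) < (dob.month, dob.day):
        years -= 1
    return years


def deidentify(record: dict, reference_date: date) -> dict:
    """Apply the Safe Harbor rules to one structured encounter record."""
    out = {}
    dob = record.get("dob")
    over_89 = dob is not None and age_on(dob, reference_date) > 89
    for key, value in record.items():
        if key in DROP_FIELDS:
            continue
        if key == "zip":
            out["zip3"] = zip_to_safe_harbor(value)
        elif key == "dob":
            # Year of birth is allowed, except that for ages over 89 the
            # birth year itself reveals the age and must go as well.
            if not over_89:
                out["birth_year"] = value.year
        elif key in DATE_FIELDS:
            out[key.replace("_date", "_year")] = value.year
        else:
            out[key] = value
    if dob is not None:
        out["age"] = "90+" if over_89 else age_on(dob, reference_date)
    return out


# Constructed sample records (fictional data).
SAMPLE_OVER_89 = {
    "name": "Jane Doe",
    "mrn": "MRN-00123",
    "ssn": "123-45-6789",
    "phone": "555-0100",
    "street": "1 Main St",
    "city": "Springfield",
    "zip": "03601",
    "dob": date(1930, 5, 20),
    "admission_date": date(2024, 3, 4),
    "discharge_date": date(2024, 3, 6),
    "diagnosis_code": "M54.5",
}

SAMPLE_ADULT = dict(SAMPLE_OVER_89, zip="90210-1234", dob=date(1985, 7, 1))


def demo():
    """Return the de-identified form of both sample records."""
    return deidentify(SAMPLE_OVER_89, REFERENCE_DATE), deidentify(SAMPLE_ADULT, REFERENCE_DATE)


if __name__ == "__main__":
    for result in demo():
        print(result)
```

For the first record the output keeps only the ZIP3 "000" (036 is a restricted prefix), the admission and discharge years, the diagnosis code and the age bucket "90+", with no birth year. Field-based scrubbing like this covers structured columns only; free-text clinical notes can carry names, dates and phone numbers in prose and need a separate text de-identification pass before the Safe Harbor claim holds for the whole record.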
Immutable Audit Log
Every authentication event, AI query and data mutation is logged with a timestamp, the acting user's account ID and an action type. Log records identify sessions only by anonymized session identifiers and contain no PHI.
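The page states that the log is immutable and that sessions appear in it only under anonymized identifiers, but does not describe how either property is achieved. The following is an added example, not OccDocs code, showing one common way to get both: a keyed hash turns the real session identifier into a pseudonym that still correlates a session's events, and each record carries the hash of the previous one so that any edit, deletion or reorder is detectable on verification. The key, record layout and sample events are assumptions for the illustration.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone
from typing import Optional, Tuple

# Added example, not OccDocs code. The key below and the record layout are
# assumptions for this illustration; a real deployment would keep the key in
# a secrets manager, rotate it, and write the chain to append-only storage
# rather than an in-memory list.
SESSION_PSEUDONYM_KEY = b"example-key-do-not-use"


def pseudonymous_session_id(raw_session_id: str) -> str:
    """Keyed hash of the real session identifier.

    Events from one session stay correlatable, but the log never holds the
    session token itself, and without the key a reader cannot recompute the
    mapping from a guessed or leaked session id.
    """
    mac = hmac.new(SESSION_PSEUDONYM_KEY, raw_session_id.encode(), hashlib.sha256)
    return mac.hexdigest()[:32]


def _entry_hash(entry: dict) -> str:
    # Canonical JSON so the hash does not depend on key ordering.
    canonical = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


class AuditLog:
    """Append-only, hash-chained log of authentication, AI-query and mutation events."""

    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []

    def append(self, user_id: str, action: str, raw_session_id: str,
               ts: Optional[str] = None) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else self.GENESIS
        entry = {
            "ts": ts or datetime.now(timezone.utc).isoformat(),
            "user_id": user_id,      # the staff account acting, not a patient
            "action": action,        # e.g. "auth.login", "ai.query", "encounter.update"
            "session": pseudonymous_session_id(raw_session_id),
            "prev": prev,            # links this record to the one before it
        }
        entry["hash"] = _entry_hash(entry)
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        """Recompute every hash and link; any edit, deletion or reorder breaks the chain."""
        prev = self.GENESIS
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "hash"}
            if body["prev"] != prev or _entry_hash(body) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


def demo() -> Tuple[bool, bool]:
    """Build a small log, confirm it verifies, then tamper with it and confirm it fails."""
    log = AuditLog()
    log.append("user-42", "auth.login", "sess-abc", ts="2024-03-04T09:00:00+00:00")
    log.append("user-42", "ai.query", "sess-abc", ts="2024-03-04T09:01:10+00:00")
    log.append("user-42", "encounter.update", "sess-abc", ts="2024-03-04T09:02:30+00:00")
    intact = log.verify()
    log.entries[1]["action"] = "auth.logout"   # someone rewriting history after the fact
    return intact, log.verify()


if __name__ == "__main__":
    print(demo())   # (True, False)
```

Note that the record stores the action type, not the content of an AI query, so nothing in a log entry can carry PHI even if an upstream de-identification step failed. The chain only detects tampering; to prevent it, the verifier must hold the hashes (or periodically anchor the latest hash) somewhere the log writer cannot modify.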
Encryption in Transit & at Rest
All data is encrypted in transit with TLS 1.3 and at rest with AES-256 database encryption. HTTPS is enforced, and HSTS headers instruct browsers to refuse plain HTTP on later visits.
Access Controls
Multi-tenant isolation ensures that one organization can never access another organization's data. Within an organization, role-based access control limits each user to the data and actions their role authorizes.
BAA Available
A Business Associate Agreement is available for Enterprise customers. Contact sales to execute a BAA before onboarding: if PHI will pass through OccDocs at any point, including transiently before de-identification, HIPAA requires the BAA to be in place before any PHI is shared.
Questions about HIPAA compliance? Contact our security team at [email protected]. Enterprise customers can request our Security & Compliance documentation package.