CASPro Health Partners is committed to safeguarding patient information, maintaining full compliance with U.S. and international data protection standards, and operating with integrity across all healthcare transactions.

HIPAA Compliance

CASPro Health Partners adheres to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). All client data shared with CASPro is handled under strict confidentiality and stored using encrypted systems with access controls, audit trails, and employee training programs.

• Business Associate Agreements (BAAs) are executed with each covered entity prior to data exchange.
  • All staff complete HIPAA awareness and PHI handling certification.
  • System access is based on least-privilege and monitored continuously.

Business Associate Agreement (BAA)

We execute a Business Associate Agreement (BAA) with every U.S. client to clearly define our responsibilities in protecting Protected Health Information (PHI). This includes administrative, physical, and technical safeguards consistent with 45 CFR §§164.308–316.

Data Privacy & Local Regulation

CASPro also complies with the Philippine Data Privacy Act of 2012 (RA 10173) and follows guidelines set by the National Privacy Commission (NPC). All client and employee data processed locally are protected under secure data-handling policies and cross-border data transfer controls.

Security Practices

• Encrypted communication (TLS 1.3, VPN tunneling)
  • Restricted workstation use and automatic session timeouts
  • Daily offsite backups and disaster recovery protocols
  • Employee access monitoring and periodic audits

Training & Awareness

Every CASPro associate undergoes mandatory HIPAA and data privacy training prior to handling any client-related information and participates in regular refresher programs.

Contact for Compliance Inquiries

For compliance-related inquiries or to request a copy of our BAA, contact privacy@casprohealth.com.