Substance Check Logo
Substance Check
Drug & Alchohal Testing Services
HIPAA Compliant Services

HIPAA Compliance

Substance Check is committed to protecting the privacy and security of your health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA).

What is HIPAA?

Understanding the Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that establishes national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

As a provider of drug and alcohol testing services, Substance Check handles Protected Health Information (PHI) and is committed to maintaining the highest standards of privacy and security as required by HIPAA regulations.

Our HIPAA Commitment

How we protect your health information

Data Encryption

All PHI is encrypted both in transit and at rest using industry-standard encryption protocols.

Access Controls

Strict role-based access controls ensure only authorized personnel can access PHI.

Secure Storage

Health information is stored in HIPAA-compliant data centers with physical security measures.

Audit Trails

Comprehensive logging and audit trails track all access to protected health information.

Notice of Privacy Practices

Your rights regarding your health information

Your Rights Under HIPAA:

  • Right to access your health information
  • Right to request corrections to your health records
  • Right to receive an accounting of disclosures
  • Right to request restrictions on certain uses and disclosures
  • Right to receive confidential communications
  • Right to file a complaint if you believe your privacy rights have been violated

How We Use Your Information

Permitted uses and disclosures of PHI

We may use and disclose your Protected Health Information (PHI) for the following purposes:

  • Treatment: To provide drug and alcohol testing services and share results with authorized healthcare providers.
  • Payment: To bill and collect payment for services provided.
  • Healthcare Operations: To improve our services, train staff, and conduct quality assessments.
  • Legal Requirements: When required by federal, state, or local law.
  • Employer Reporting: To report test results to employers as authorized by you or required by DOT regulations.

Breach Notification

Our commitment to transparency

In the unlikely event of a breach of unsecured Protected Health Information, Substance Check will notify affected individuals, the Department of Health and Human Services (HHS), and potentially the media (for breaches affecting more than 500 individuals) in accordance with HIPAA Breach Notification Rule requirements. Notifications will be made without unreasonable delay and no later than 60 days following the discovery of a breach.

Questions About Our HIPAA Practices?

If you have questions about our privacy practices or wish to exercise your rights under HIPAA, please contact our Privacy Officer:

905-803-8774privacy@substancecheck.com

Last updated: January 2026