RCM Staff
Sign in
Trust Center

RCM Staff Trust Center

Security, privacy, and compliance resources for clients, prospects, and partners working with RCM Staff.

RCM Staff supports U.S. healthcare organizations with compliance-aware offshore revenue cycle staffing. This Trust Center summarizes our approach to HIPAA-aligned operations, workforce confidentiality, remote work security, access control, and vendor oversight.

RCM Staff is led by Kevin Jamito, CPC, CPB, CPPM, CRCR, CHBME, bringing 18+ years of U.S. healthcare revenue cycle experience to the company's staffing and compliance approach.

Request Compliance PacketEmail compliance@rcmstaff.com
How We Operate

A compliance-aware operating model

Practical safeguards designed to support regulated U.S. healthcare workflows across distributed revenue cycle teams.

HIPAA-Aligned Operations

RCM Staff maintains documented policies and procedures designed to support regulated healthcare workflows. Our operational approach is built around privacy, security, and careful handling of protected health information.

Workforce Confidentiality

Team members are expected to follow confidentiality, acceptable use, and minimum necessary standards when supporting client workflows. Workforce training and sanctions policies help reinforce proper handling of sensitive information.

Secure Remote Work Standards

RCM Staff's remote work standards are designed to reduce risk across distributed healthcare support teams. Device security, account separation, MFA, and access controls are core parts of our operating model.

Client-Specific Access Controls

Access is managed based on client workflow needs and the minimum necessary principle. RCM Staff team members use client-approved systems and follow client-specific access procedures.

Founder Credentials

Revenue Cycle Expertise Behind RCM Staff

RCM Staff is led by Kevin Jamito, a U.S. healthcare revenue cycle professional with 18+ years of experience supporting medical billing, coding, collections, and practice management workflows. His background includes professional certifications and association involvement across medical coding, billing, revenue cycle, and healthcare business management.

CPCCertified Professional CoderAAPC
CPBCertified Professional BillerAAPC
CPPMCertified Physician Practice ManagerAAPC
CRCRCertified Revenue Cycle RepresentativeHFMA
CHBMECertified Healthcare Business Management ExecutiveHBMA
HBMA MemberHFMA Credential HolderAAPC Certified Professional

These are individual certifications and professional affiliations held by Kevin Jamito. They reflect founder-level credentials and do not represent a company-level certification or accreditation of RCM Staff by AAPC, HFMA, or HBMA.

Documentation

Compliance Resources Available Upon Request

The following documents are available to qualified prospects, clients, and partners. Requests are reviewed before any document is shared.

Security Overview

Security

Summary of RCM Staff's security practices, remote work controls, and compliance-aware operating model.

Available upon request

HIPAA Privacy and Security Policy

HIPAA

Internal policy framework for privacy, security, and PHI handling responsibilities.

Available upon request

PHI Handling and Minimum Necessary Policy

HIPAA

Guidance for handling protected health information using the minimum necessary standard.

Available upon request

Workforce Confidentiality and Acceptable Use Policy

Workforce

Standards for confidentiality, acceptable system use, and workforce behavior.

Available upon request

Remote Work and Device Security Policy

Security

Requirements for remote work environments, device safeguards, access separation, and secure work practices.

Available upon request

Access Control Policy

Security

Procedures for user access, role-based permissions, account management, and access reviews.

Available upon request

Incident Response and Breach Escalation Policy

Security

Process for reporting, escalating, investigating, and responding to suspected security or privacy incidents.

Available upon request

HIPAA Training and Sanctions Policy

Workforce

Workforce training expectations and consequences for policy violations.

Available upon request

Vendor/Subcontractor and BAA Policy

Vendor Management

Standards for vendor oversight, subcontractor review, and business associate agreement handling.

Available upon request

Data Retention and Disposal Policy

Data Governance

Guidelines for retention, secure disposal, and lifecycle management of sensitive information.

Available upon request

Business Associate Agreement Template

Legal / HIPAA

Template agreement available for qualified clients when business associate terms are required.

Available upon request

Subprocessor List

Vendor Management

List of key systems and service providers used to support RCM Staff operations.

Available upon request
Request Access

Request RCM Staff's Compliance Packet

Qualified prospects, clients, and partners may request access to selected compliance documents. Requests are reviewed before documents are shared.

Reviewed by our compliance team
Shared with qualified parties only
No PHI required to request

Requests are reviewed before any documents are shared. Please do not include PHI in this form.

Compliance Contact

For compliance-related inquiries, contact compliance@rcmstaff.com.