The Health Insurance Portability and Accountability Act (“HIPAA”) sets forth privacy and security standards for any entity that uses or discloses protected health information. For information on HIPAA, visit the U.S. Department of Health and Human Services website.
For any business that treats patients/clients and is subject to HIPAA, compliance is an organization-wide obligation requiring procedural standards and business practices that protect the privacy and security of patient/client information. As part of these obligations, the business must ensure it only utilizes software that has adequate safeguards to protect patient/client information. PocketSuite’s mobile scheduling and payments software incorporates such technological and procedural safeguards, as detailed below.
PocketSuite employs the following technological safeguards to facilitate your compliance with HIPAA: patient/client information is transferred using 256-bit TLS encryption; accounts require secure login with support for two-factor mobile authentication enforcement; the production environment is protected by stand-alone firewalls with access limited to authorized personnel via encrypted channels; and offsite backups are made daily and stored in an encrypted state.
PocketSuite also provides numerous settings and features to facilitate procedural standards that enable you to maintain overall HIPAA compliance. Though, as with any technology, it’s incumbent upon you to properly incorporate PocketSuite into your business practices and make your own assessment of your resulting overall HIPAA compliance, you can use PocketSuite to meet your online scheduling needs while meeting your HIPAA obligations.