Healthie HIPAA Compliance Overview
Healthie provides clients a secure, HIPAA compliant platform over which to conduct telehealth and other nutrition-related sessions. In order to maintain HIPAA compliance, Healthie aims to be compliant with:
HIPAA Privacy Rule
HIPAA Security Rule
As a technology company, we take the HIPAA Security Rule very seriously. We implement adequate Technical Safeguards, Administrative Safeguards and Physical Safeguards to ensure that our customers are always protected and that our employees, contractors and workers are fully aware of their responsibilities as per the requirements of the HIPAA Security Rule.
The Healthie Security Overview document provides an overview of the security measures we have in place to ensure compliance with the Security Rule.
HIPAA Breach Notification Rule
Healthie has not experienced a known breach as of the writing of this document. However, in compliance with the HIPAA Breach Notification Rule, as soon as a breach occurs, we adequately communicate the nature of the breach, the potential information leaked and the measures being taken to prevent such a breach in the future to all relevant stakeholders, including but not limited to:
● Relevant Federal Authorities including HHS
● Relevant State Authorities in the states in which the breach has impact
● The secretary of breaches
● The public and media if the breach affects more than 500 patients
HIPAA Administrative Safeguards
Healthie has assigned a Privacy Officer, Cavan Klinsky, who can be reached at Cavan@gethealthie.com. Moreover, Healthie completes a risk assessment annually to ensure compliance and maintenance of safeguards. Healthie implements employee training to ensure personnel are adequately educated (and supervised) regarding PHI. Healthie regularly reviews policies and procedures. Moreover, Healthie has a Business Associate’s Agreement that Covered Entities sign.
HIPAA Physical Safeguards
Healthie has partnered with industry-leading web hosting & video hosting companies that enable HIPAA compliant services. These companies include but are not limited to AWS & Aptible.
Healthie has procedures surrounding contingency operations, a facility security plan, access control and validation procedures, maintenance records, disposal, media re-use, accountability, and data backup and storage. Moreover, we have implemented workstation security measures to ensure that only authorized users (and only at appropriate times) are able to access any PHI. We also recommend that app users set a passcode to unlock their phones.
Any questions or concerns about Healthie’s HIPAA compliance can be directed to our Executive Team, at email@example.com