The Health Insurance Portability and Accountability Act (“HIPAA”) sets forth privacy and security standards for any entity that uses or discloses protected health information. For information on HIPAA, visit the U.S. Department of Health and Human Services website.
For any business that treats patients/clients and is subject to HIPAA, compliance is an organization-wide obligation requiring procedural standards and business practices that protect the privacy and security of patient/client information. As part of these obligations, the business must ensure it only utilizes software that has adequate safeguards to protect patient/client information. Séafra’s web-based scheduling software incorporates such technological and procedural safeguards, as detailed below.
Séafra employs the following technological safeguards to facilitate your compliance with HIPAA: patient/client information is transferred using 168-bit SSL encryption; accounts require secure login with minimum password length enforcement; the production environment is protected by stand-alone firewalls with access limited to authorized personnel via encrypted channels; and offsite backups are made daily and stored in an encrypted state.
Séafra also provides numerous settings and features—including user-specific login, multiple user access levels, and the ability to easily add and remove users—to facilitate procedural standards that enable you to maintain overall HIPAA compliance. Though, as with any technology, it’s incumbent upon you to properly incorporate Séafra into your business practices and make your own assessment of your resulting overall HIPAA compliance, you can use Séafra to meet your online scheduling needs while meeting your HIPAA obligations.