HIPAA Compliance

At Your Patient Portal Solution, we are fully committed to protecting your Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and its subsequent amendments, including the HITECH Act. Our patient portal is designed and operated with strict adherence to HIPAA's Privacy, Security, and Breach Notification Rules, ensuring a level of data protection comparable to leading healthcare platforms like MyChart.

Our Commitment to Security

We implement comprehensive administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of all PHI transmitted and stored within our patient portal. These measures include:

• Encryption: All data, both in transit and at rest, is encrypted using industry-standard protocols.
• Access Controls: Strict role-based access controls are in place, ensuring that only authorized personnel can access PHI.
• Audit Trails: Comprehensive audit logs track all access and modifications to PHI, providing accountability and transparency.
• Regular Risk Assessments: We conduct periodic risk assessments to identify and mitigate potential vulnerabilities.
• Employee Training: All staff members receive regular training on HIPAA regulations and best practices for data handling.
• Secure Infrastructure: Our infrastructure is hosted in secure, compliant data centers.

Business Associate Agreements (BAAs)

We enter into Business Associate Agreements (BAAs) with all covered entities that utilize our patient portal services, clearly outlining our responsibilities in safeguarding PHI as required by HIPAA.

Patient Rights

Our patient portal supports patients' rights under HIPAA, including the right to:

• Access their medical records and request copies.
• Request amendments to their health information.
• Receive an accounting of disclosures of their PHI.
• Request restrictions on certain uses and disclosures of their PHI.
• Receive confidential communications.

For more detailed information about our HIPAA compliance practices, please contact us directly.