Yes We Do
Whether you’re building a new website for your medical practice or seeking to make an existing site fully compliant with HIPAA standards, there are plenty of straightforward ways to ensure you have your bases covered.
For a healthcare website, a simple padlock icon won’t cut it. The site needs to have proper encryption methods, access controls, and logging, as well as constant, necessary checks to ensure that everything is running in compliance with HIPAA.
7 things included
These seven tenets built into each website created by Outlet Creative Group keeps Electronic Protected Health Information (
- Transport Encryption Encrypted during transmission over the Internet
- Backup Backed up in a way that it’s available for recovery
- Authorization Only accessible by authorized personnel using unique, audited access controls
- Integrity Not tampered with or altered
- Storage Encryption Encrypted when it’s stored or archived
- Disposal Permanently disposed of when it’s no longer needed
- Omnibus/HITECH Located on the web servers of a company you have a HIPAA Business Associate Agreement with (or hosted in-house with those properly secured servers according to the HIPAA security rule requirements).
It’s safe to say that any out-of-the-box website that you can build using a third-party provider probably isn’t HIPAA-compliant. Instead, you need to pay strict attention to transmission, ensuring that information stays encrypted and unaltered as it flows across the Internet.
We prefer to use Rackspace as our secure website host.
Ready to find out more?
Read the Outlet Medical Marketing Blog
