HIPAA Compliance

Note: To comply with HIPAA, you must sign a Business Associate Agreement (BAA) with OnceHub. The standard OnceHub BAA is available for paid accounts that qualify.

To arrange for a signed BAA, email support@oncehub.com.

The Health Insurance Portability and Accountability Act (HIPAA) is United States legislation that provides data privacy and security provisions for safeguarding medical information. OnceHub has built the necessary controls to satisfy HIPAA. HIPAA includes two sets of rules: the HIPAA privacy rule and the HIPAA security rule.

The HIPAA privacy rule

The HIPAA privacy rule governs the circumstances under which health data can be disclosed. The rule defines to whom the data can be disclosed, how the data can be used, and how long it should be retained. For example, your OnceHub data is permanently deleted when you stop using our service, fulfilling the HIPAA privacy rule.

The HIPAA security rule 

The HIPAA security rule governs how patient data is secured. The rule defines three categories of controls designed to protect patient data from unauthorized disclosure:

  • Technical safeguards
  • Administrative safeguards
  • Physical safeguards

OnceHub has a comprehensive security program that employs a multi-layered control system designed to protect patient data. For example, all patient data is encrypted and our servers are continuously monitored with advanced threat detection tools. The OnceHub security program has been audited to ensure that it satisfies the HIPAA security rule.
