Aculab conform to HIPAA and HITECH regulations, which allows us to enter into HIPAA Business Associate Agreements (BAA) with our Covered Entity customers who provide healthcare platforms.

HIPAA & HITECH compliance

Suggestions for ensuring compliance include:

Security compliance
  • Authentication

    Password authentication to access data such as recordings doesn’t alter the fact that such data is e-PHI and, if it is created, received, processed, stored or transmitted via Aculab Cloud, it is subject to the Privacy and Security Rules.

    Encryption

    Data over encrypted channels remains e-PHI and is subject to the Rules. Encrypting the data is an effective means of complying with the Rules and meeting your obligation.

  • Messaging

    You can’t send a short message over an encrypted channel; it remains plain text on transmission. Furthermore, an SMS sent to the patient includes the destination number, which could be used to identify the individual, thus qualifying the text as e-PHI. So, you need to ensure that the content of text messages contains no sensitive patient data.

    Recordings

    Voice recordings can be made by healthcare professionals and patients alike, and are subject to compliance. An effective method of protecting and securing recordings is to use Aculab Cloud to encrypt the file.

Security compliance
Security compliance
  • Message Playback

    The process is similar, albeit in reverse, for playback of a .wav file, for example, to relay information in the form of a message to a patient. On receipt of the encrypted file for transmission, you should ensure the applicable key is available only at the time of decryption in order to play the message back.

    Fax Handling

    The process is similar when sending fax messages, on receipt of the encrypted fax for transmission, you should ensure the applicable key is available only at the time of decryption in order to transmit the fax. Again, the key should be received via a different route and destroyed after use, as with the original encrypted message.

Security

Encryption

  • Our encryption capabilities for media storage are not only used for meeting healthcare regulations. If you need to protect sensitive data such as voice recordings or fax image files, then take advantage of our free encryption capabilities

Security encryption

Documentation

Aculab
trusted by...