Informizely customer feedback surveys
By using the Aculab site, you agree with our use of cookies.

HIPAA compliance and privacy

Aculab conform to HIPAA and HITECH regulations, which allows us to enter into HIPAA Business Associate Agreements (BAA) with our Covered Entity customers who provide healthcare platforms.

 

Suggestions for ensuring compliance include:

  • Experience

    Authentication

    Password authentication to access data such as recordings doesn’t alter the fact that such data is e-PHI and, if it is created, received, processed, stored or transmitted via Aculab Cloud, it is subject to the Privacy and Security Rules.

  • Expertise

    Encryption

    Data over encrypted channels remains e-PHI and is subject to the Rules. Encrypting the data is an effective means of complying with the Rules and meeting your obligation.

  • Partnership

    SMS

    You can’t send a short message over an encrypted channel; it remains plain text on transmission. Furthermore, an SMS sent to the patient includes the destination number, which could be used to identify the individual, thus qualifying the text as e-PHI. So, you need to ensure that the content of text messages contains no sensitive patient data.

  • choice

    Recordings

    Voice recordings can be made by healthcare professionals and patients alike, and are subject to compliance. An effective method of protecting and securing recordings is to encrypt the file.

  • Innovation

    Message Playback

    The process is similar, albeit in reverse, for playback of a .wav file, for example, to relay information in the form of a message to a patient. On receipt of the encrypted file for transmission, you should ensure the applicable key is available only at the time of decryption in order to play the message back.

  • Innovation

    Fax Handling

    The process is similar when sending fax messages, on receipt of the encrypted fax for transmission, you should ensure the applicable key is available only at the time of decryption in order to transmit the fax. Again, the key should be received via a different route and destroyed after use, as with the original encrypted message.

Security

Committed to safeguarding your data

Security is a top priority at Aculab. We work hard to provide a safe platform to keep all data protected so you can focus on using the platform with confidence.

  • Experience

    Physical security

    Our Amazon AWS datacentres use multiple layers of operational and physical security to ensure the integrity and safety of your data, including restricted authorisation and constant surveillance.

  • Expertise

    Network security

    Aculab is committed to providing a reliable network with guaranteed uptime for our global carrier interconnects. Use of private AWS servers, datacentre firewalls, and encryption of data in transit.

  • Partnership

    Application security

    Secure protocols are used to keep your communications secure over public networks. Encryption and multi-factor authentication is used via HTTPS.

  • choice

    Service security

    Cloud Virtual Machine – Amazon’s Virtual Machines are designed to be secure by default keeping Aculab Cloud highly secure.

  • Innovation

    Data privacy

    Backup encryption, access limitations.Media files are stored in Aculab Cloud and held securely in Amazon S3.

  • Innovation

    Payment security

    Private and secure payment – all transactions and payment information is protected by a third party vendor, SagePay. Aculab Cloud does not see or store credit or debit card information.

Encryption

Free encryption for media file storage.

  • Expertise

    Encryption

    Our encryption capabilities for media storage are not only used for meeting healthcare regulations. If you need to protect sensitive data such as voice recordings or fax image files, then take advantage of our free encryption capabilities.