HIPAA (Health Insurance Portability and Accountability Act) is a list of legislative requirements that define data privacy and security provisions for private medical information.HIPAA has a number of specific goals; however, the part of HIPAA that applies to Cronofy is the protection of confidential patient data, against fraudulent access, abuse, and/or mishandling of that information.Specifically, Cronofy is interested in Title II of the HIPAA standard, which includes the Privacy, Security, and Enforcement Rules.
Title II of the HIPAA standard:
Data classed as private medical information includes, but is not limited to, a patient’s name, address, date of birth, social security number, the patient’s physical or mental health condition, the specific services provided, or any other information that could be used to identify the patient.
Cronofy has customers who process patient and health data. The security of that data is paramount to Cronofy. The rules outlined by HIPAA set out the appropriate placement of physical and electronic safeguards, to ensure that patient data is secure in transit, at rest, and upon arrival at its destination.
The rules also outline specific responsibilities with respect to the implementation of safeguards and complaints handling, as well as the training of employees.
Patients have the right to receive, upon request, a copy of their own information.
Cronofy protects patient data by adhering to the rules set out in Title II of the HIPAA standard. Cronofy has physical, technical, and administrative safeguards in place to ensure that patient data is secure.
Cronofy also ensures that anyone who has potential access to patient data has signed a business associate agreement.
Even if you are a Cronofy customer to whom HIPAA does not apply, all Cronofy customers benefit from the additional security and policies implemented as part of Cronofy's HIPAA compliance.
Please contact our support team at email@example.com who will provide you with a copy of our BAA to sign and return.
We make sure you keep control of your calendar and that it's private to you and those you'd like to share your availability with. Security is at the core of what we do and we have the best practices to ensure that privacy is never compromised.