HIPAA Compliance with Cron To Go

The Health Insurance Portability and Accountability Act (HIPAA) establishes national standards for the privacy, security, and breach notification of individuals' protected health information (PHI). HIPAA applies to covered entities and their business associates, as defined by the law.

Covered entities are healthcare providers, health plans, and healthcare clearinghouses that transmit any health information in electronic form in connection with certain administrative and financial transactions. Examples of covered entities include hospitals, doctors' offices, nursing homes, pharmacies, and health insurance companies.

Business associates are individuals or entities that perform certain functions or activities on behalf of a covered entity, such as billing companies, claims processing companies, third-party administrators, and other contractors or vendors. Business associates are also required to comply with HIPAA regulations.

Covered entities who require a secure cloud scheduler service can use Cron To Go after signing a BAA (Business Associate Agreement) that establishes the parameters for the relationship between covered entity and business associate, outlining the responsibilities of the business associate in protecting the privacy and security of PHI.

Cron To Go completes an annual assessment of security risks in addition to ongoing risk analysis, to ensure that our service meets changing security requirements and threats.

PHI data protection

In transit, all communication is encrypted with AES-256 bit using the HTTPS protocol.