openclose

HIPAA Compliance

What is HIPAA?

The United States Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that delivers standardized data privacy and security provisions for protecting patient medical information. The United States Department of Health and Human Services (HHS) is the federal agency responsible for developing and enforcing HIPAA rules.

The HIPAA Privacy Rule regulates Protected Health Information (PHI) and provides federal protection of personal health information held by covered entities, which include healthcare providers, payers, research entities, or business associates. A business associate is any organization that provides services to a covered entity which handles PHI or health records.

How is LogicGate HIPAA Compliant?

LogicGate follows the latest HITECH enhanced privacy and security standards and acts as a Business Associate on behalf of the covered entity. We provide our clients with a Business Associate Agreement (BAA) certifying the services we provide are fully HIPAA compliant.

ENCRYPTION

Encrypting data at rest is a mandatory requirement of the HIPAA Security Rule. Our HIPAA compliant infrastructure automatically encrypts data at rest using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard using 256-bit encryption keys.

DEDICATED INSTANCES

To ensure HIPAA compliance, we place each covered entity on their own dedicated instances that are logically separated.

AUDITING

Our HIPAA compliant environments maintain detailed system event logs that track login attempts, data access attempts, and keep a detailed timestamped record of what user updated what data.

NETWORK SECURITY

Protection including Secure Network Architecture, Secure Access Points, Transmission Protection, Fault Tolerant Design. Full suite of network monitoring and protection including: