You want to make it as simple as possible for a patient to visit you, and many healthcare providers look to online scheduling software to make booking appointments easy. However, your scheduling software needs to be HIPAA compliant.
Zocdoc is a popular online medical appointment booking service. But is it in compliance with HIPAA? Let’s review Zocdoc and its company policies.
Zocdoc and the business associate agreement
Scheduling software companies are usually considered business associates because of the potential to receive protected health information (PHI). Covered entities should make an effort to ensure that they partner with a scheduling software company that is willing to sign a business associate agreement (BAA).
A BAA ensures that a business associate follows HIPAA security guidelines about protecting PHI.
Zocdoc does provide a BAA. You can read the BAA by clicking here.
Zocdoc and data security
Zocdoc does have security features in place to protect data. Some of these security features include:
- Employees receive annual data security training
- HITRUST CSF certified
- Annual security audits
- All data storage is encrypted
- Secure backups and robust backup policies
- TLS connection for data transmission
- Two-factor authentication
To read more about Zocdoc’s data and security, click here.
Is Zocdoc HIPAA compliant?
Yes, Zocdoc can be HIPAA compliant. A healthcare provider will need to sign up for a BAA to comply with HIPAA.
Is your email HIPAA compliant?
You should always take the precaution to ensure that all of your online communication is secure and in compliance with HIPAA. One of the most common security risks is when people don’t send HIPAA compliant email.
Paubox Email Suite Plus is the solution you need to protect your emails and data. We have robust inbound security tools and leverage TLS 1.3 encryption to keep your emails and inboxes safe. Our software stops threats like phishing emails, spam, viruses, and malware from reaching a user’s inbox. It also includes our patented ExecProtect feature, which blocks display name spoofing emails.
Paubox is also simple for your employees and patients to use. It can easily integrate into your current email provider including Google Workspace and Microsoft 365. Your employees can send emails directly to a patient’s inbox. You can say goodbye to third-party apps and client portals.