HIPAA COMPLIANCE STATEMENT
Bookafy is willing to sign a HIPPA Business Associate Agreement-
Bookafy submits this statement of policy regarding HIPAA regulations and obligations. While HIPAA compliance is in part dependent on technology, HIPAA compliance is an overall organizational obligation that focuses on your procedural standards and procedural integrity (medical provider business practices). Therefore, HIPAA compliance for software requires a combination of secure/private technology and compliant business practices. Bookafy provides clients with a software tool that is HIPAA compliant from a technology standpoint as detailed below. However, Bookafy technology is only half of the inquiry – how client users use Bookafy software within their medical practices must also be addressed.
Bookafy technology, security, and privacy policies comply with HIPAA standards, such as encryption (SSL), system-user identifiers (logins, passwords), multiple user access levels, high-end physical server security, nightly backups, strong privacy policies (not sharing information with anyone unless you direct us to), timed log out, strong internal policies (having employees sign strong privacy agreements), and much more. These are detailed on our website (www.Bookafy.com) in the FAQ section and the Privacy section. Additional security and privacy safeguards can be enabled at the option of clients, such as user IP restrictions and forced interval password changes.
In regard to business practices, Bookafy provides clients preferences in defining how they want to set up and use the system in their day-to-day medical practices. This includes preferences concerning user access types, how backup files are run (through Excel Reports), when clients run their own offsite backups, how clients require users to login to the system – and many more business practice questions.
All of these options and more potentially impact the business practices inquiry and the related obligations under HIPAA. Each “Covered Entity” must make its own determination of the system use and its overall impact on business practices. Please reach out to Customer Success (firstname.lastname@example.org) if you have specific questions as to the interplay between our software and your business practices.