Skip to main content
Skip table of contents

HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) establishes standards to protect sensitive patient health information (PHI) from being disclosed without the patient's consent or knowledge. Expertflow takes the following measures for HIPAA Technical Safeguards.

HIPAA Technical Safeguards

Compliance

Expertflow CX Compliance

Access Control. A regulated entity must implement technical policies and procedures for its electronic information systems that maintain ePHI to allow only authorized persons to access ePHI.

COMPLIANT

Authentication. A regulated entity must implement procedures to verify that a person seeking access to ePHI is who they say they are.

COMPLIANT

All agents must authenticate themselves to use Expertflow CX, also as an added layer of security Two-factor authentication can be used as a second form of verification. For more details see Identity and Access Management.

Transmission Security. A regulated entity must implement technical security measures to guard against unauthorized access to ePHI that is being transmitted over an electronic network.

COMPLIANT

Expertflow CX uses TLS for secure communication. See Data Encryption for details.

Audit Controls. A regulated entity must implement hardware, software, and/or procedural mechanisms to record and examine activity in information systems that contain or use ePHI.

A regulated entity must implement policies and procedures to ensure that ePHI is not improperly altered or destroyed. Electronic measures must be put in place to confirm that ePHI has not been improperly altered or destroyed.

NON-COMPLIANT

A centralized Audit-logging is on the roadmap for 2025.


Roadmap for HIPAA Compliance

The following is the list of features related to HIPAA compliance that are on our roadmap.

Please enter an Aha! link and then click Refresh Preview above to see a preview

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.