HIPAA Compliance

The Uniphy Care Platform is designed to meet the highest standards in HIPAA compliance

  • Texts and consults are secured within the app, sent and received using 256-bit encryption.
  • Encrypted messages transmitted via cellular data networks to secure hosting environment.
  • Double-authentication required to utilize app.
  • Authentication key is controlled by your admin.
  • App locks-out and requires login after long period of non-use.
  • All messages erased after 24 hours. Messages older than 48 hours can only be retrieved after request and admin approval.
  • Admin can remote wipe a user's app remotely.
  • PHI does not appear on screen notifications.
  • Messages archived for as long as requested (extra storage charges may apply). Archive is securely managed to comply with HIPAA requirements in audited data center.
  • Audit logs of messages, consults, receipts, administrator actions, data transfers and custody.
  • Continuous vulnerability monitoring. Access requires two-factor authentication. Application and database are isolated.
  • Clear policies on user responsibilities, and warning if/when a user may risk a HIPAA violation.