How Qminder secures Protected Health Information (PHI)

Siim Raud avatar
Written by Siim Raud
Updated over a week ago

HIPAA, or the Health Insurance Portability and Accountability Act, is a legislation that sets the standard for protecting sensitive patient data. Any company that can access, store or transfer protected health information must ensure that there are strict security measures in place.

HIPAA applies not only to covered entities (medical service providers) but also their business associates and subcontractors. Strictly speaking, anyone with access to patient information must have HIPAA-approved data safeguards.

So when we say that Qminder has been HIPAA-certified, rest assured that we take the matter of privacy seriously and follow strict guidelines for protecting PHI.

How Qminder handles private information

Qminder is hosted on Amazon Web Services (AWS) and has signed a Business Associate Agreement with them. Safety guidelines apply to both data in transit and data at rest handled through Qminder.

Data in transit

All the data in transit is encrypted every step of the way, even inside AWS-protected networks.

Data at rest

All of our web servers, database servers and database backups have been encrypted in accordance with the guidelines.

Naturally, none of PHI handled through Qminder is transferred to any third-party services. The only exception is AWS which, like Qminder, is fully compliant with HIPAA and has been approved for handling medical information.

As a HIPAA-approved service, Qminder is your safest choice for secure handling of sensitive patient data.

Did this answer your question?