Influx MD is a sales and marketing platform that equips medical practices with the tools they need to seamlessly promote their services, automate tasks, and better manage leads. While innovative technology can help healthcare companies build stronger relationships with customers and improve overall efficiency, HIPAA compliance should always remain a top priority. Let’s take a look at whether Influx MD meets these critical security standards.
SEE ALSO: HIPAA compliant email
Influx MD and business associate agreements
In order for a third-party vendor to be considered HIPAA compliant, a business associate agreement (BAA) must be signed by both parties. This document outlines the obligations of the business associate to keep protected health information (PHI) secure. According to the Influx MD website, a signed BAA is available for all users who wish to show HIPAA compliance within their organization. However, the company clarifies that this agreement “does not indemnify users against breaches that are their responsibility such as weak passwords, unlocked screens, or sharing accounts with multiple users.”
Influx MD and data security
In addition to the BAA, data security is another important piece of maintaining HIPAA compliance. This means covered entities should pay attention to the specific protocols that a vendor has in place to protect PHI. Influx MD automatically treats all data as ePHI for maximum security purposes. The company’s HIPAA and HITECH-audited hosting environment delivers a variety of protective features such as multiple network firewalls, an encrypted VPN, ongoing offsite backups, and isolated virtual databases. Influx MD also offers transport layer security (TLS) to safeguard the transmission of form responses, but it is the user’s responsibility to independently configure that functionality. Covered entities can take further measures to meet specific HIPAA requirements for their practice through a set of customizable local policies. These include issuing security reminders for users before performing actions that involve PHI, enabling automatic logoff after a period of inactivity, creating role-based access limits, and establishing organizational guidelines around password complexity.
Is Influx MD HIPAA compliant?
Yes, InfluxMD can be made HIPAA compliant with a signed BAA. However, it is up to the organization to ensure that all settings are appropriately configured to minimize risks and maintain the necessary security standards.
Strengthen security with Paubox
While Influx MD is built to meet HIPAA requirements, email security is another crucial factor for healthcare providers to consider.
Designed to integrate with your existing email platform such as Google Workspace or Microsoft 365, Paubox Email Suite enables HIPAA compliant email by default and automatically encrypts every outbound message. This removes the time and stress of choosing which emails to encrypt and allows your patients to receive your messages right in their inbox without having to navigate any additional passwords or portals. Paubox Email Suite’s Plus and Premium plan levels also come with innovative inbound email security tools that deliver an extra layer of protection from potential threats. Our patent-pending Zero Trust Email feature leverages email AI to verify that an email is authentic, while ExecProtect quickly catches display name spoofing attempts.