by Rikin Shah
Article filed in
Is QliqSOFT HIPAA compliant?
by Rikin Shah
When it comes to text messaging solutions for businesses, there are many options out there that can help streamline communication.
Unfortunately, there are only a few that can handle the technical and privacy requirements of doctors, nurses, medical assistants, administrators, and other healthcare professionals.
QliqSOFT, however, has managed to streamline patient care by allowing care provider teams to communicate while making sure their communications remain secure through preformatted texts.
QliqSOFT is a smartphone application that offers secure messaging for healthcare providers as well as patient engagement tools that facilitate activities like remote patient monitoring, telehealth visits, and call center automation.
QliqSOFT and the business associate agreement
QliqSOFT is not a business associate because it does not have access to the information that passes through its own servers. According to QliqSOFT’s HIPAA Security Statement:
“We act merely as a conduit for the information and do not even access the information on a random or infrequent basis which exceeds the requirements as set out in the Federal Register, Vol. 75, No. 134, p. 40873.”
While a BAA is unnecessary in this situation, QliqSOFT will, however, “provide a Business Associate Agreement to customers as peace of mind in maintaining HIPAA compliance”.
Conclusion: QliqSOFT is HIPAA compliant because it will sign a BAA, even though technically it is not required because it does not access covered entities’ PHI.
QliqSOFT has many features that make it a valuable tool for secure communications amongst healthcare providers, including end-to-end encryption, “Cloud Pass-Thru” architecture, and a distributed archival storage architecture.
QliqSOFT’s end-to-end encryption uses a public/private key encryption model which means it can’t decrypt the messages that come through its own servers and access PHI. A message encrypted by the sending device can only be decrypted by the intended recipient of the message.
The unique key pair for message encryption architectures ensures that all text messages are encrypted and decrypted by authorized devices that are sending the messages.
“Cloud Pass-Thru” architecture
When messages are sent from one Qliq application user to another, no messages or PHI is stored on the server. When messages are sent through the cloud, Qliq serves as a conduit that routes the messages that are then stored on the end-users device in an encrypted file.
Distributed archival storage
Once information has gone to the intended recipient, it can be stored in an encrypted archival unit known as the qliqSTOR. This can only be accessed by the organization’s authorized users and follows the organization’s security protocols for access restriction and data encryption.
Optimize security by integrating with Paubox
Integrating QliqSOFT for texting along with Paubox Email Suite for HIPAA compliant email can result in an incredibly secure communications workflow where HIPAA violations and leaked PHI is a thing of the past.
While QliqSOFT’s HITECH and HIPAA compliant features make texting safe for providers, Paubox’s HIPAA compliant email solutions, including Paubox Email Suite and the Paubox Email API, are HITRUST CSF certified, which demonstrates that our solutions have met key regulatory requirements and industry-defined requirements and are appropriately managing risk.