Online scheduling software is a key feature to running your healthcare organization smoothly. It easily lets patients schedule appointments at a time convenient for them, but you need to choose HIPAA compliant software. Otherwise, you risk potential security breaches and fines for violating HIPAA. Let's review WebPT, and see if it's a possible option for your healthcare organization.
What is WebPT?
WebPT is designed for the rehab therapy industry and is meant to cover everything a healthcare organization would need to run efficiently. On top of scheduling software, it also has billing, marketing, and other features.
Does WebPT have a business associate agreement?
Covered entities need to choose a scheduling software that is willing to sign a business associate agreement ( BAA ). If the scheduling software doesn't agree to sign a BAA, it automatically isn't considered HIPAA compliant. A BAA ensures that business associates follow HIPAA security rules regarding protected health information ( PHI ). Since scheduling software can collect and store PHI (like names or phone numbers), it's required to protect PHI the same way a covered entity would in its system. WebPT is willing to sign a BAA, which makes it pass the first hurdle to ensuring that it's HIPAA compliant. You can read more about its BAA by clicking here.
What are WebPT's data security features?
Not all HIPAA compliant software has the same level of security. Some companies only meet the bare minimum security requirements, and others go above and beyond to ensure protection for PHI. WebPT doesn't elaborate on the data security features of its software. Its website only mentions that there is password-protected access and bank-level data encryption. However, in 2018, WebPT achieved International Standardization Organization (ISO), which is considered a platinum standard for protecting and securing information. ISO-certified entities ensure that they examine security risks, implement data security controls to address risks, and are continually updated to meet security needs.
Is WebPT HIPAA compliant?
Yes, WebPT can be HIPAA compliant. The company is willing to sign a BAA and has security features for HIPAA compliance. However, covered entities should ensure that security settings are configured to match their specific needs to comply with HIPAA.
Consider your email security
WebPT may be a possible option for your healthcare organization, but you also need to consider protecting your email security. HIPAA compliant email can help you communicate with your patients safely. Paubox Email Suite lets your employees send encrypted emails directly to your patient's inbox. You can say goodbye to client portals and forgotten passwords. Paubox is also easy to integrate into your current email provider, including Google Workspace and Microsoft 365. Our HITRUST CSF certified software ensures that PHI is protected when you send emails.