You want to make it as simple as possible for a patient to visit you, and many healthcare providers look to online scheduling software to make booking appointments easy. However, your scheduling software needs to be HIPAA compliant. Zocdoc is a popular online medical appointment booking service. But is it in compliance with HIPAA? Let's review Zocdoc and its company policies.
Zocdoc and the business associate agreement
Scheduling software companies are usually considered business associates because of the potential to receive protected health information (PHI). Covered entities should make an effort to ensure that they partner with a scheduling software company that is willing to sign a business associate agreement (BAA). A BAA ensures that a business associate follows HIPAA security guidelines about protecting PHI. Zocdoc does provide a BAA. You can read the BAA by clicking here .Zocdoc and data security
Zocdoc does have security features in place to protect data. Some of these security features include:
- Employees receive annual data security training
- HITRUST CSF certified
- Annual security audits
- All data storage is encrypted
- Secure backups and robust backup policies
- TLS connection for data transmission
- Two-factor authentication
To read more about Zocdoc's data and security, click here .