TheraPlatform complies with physical, administrative and technical requirements of HIPAA and the below is just a basic overview of what we do to protect your data. For security reasons, we do not reveal every single process and procedure we implement publicly and if you have any questions, you may contact us directly.
We implement video connection encryption, website connection encryption (SSL) with 2048-bit SSL with a 256-bit encryption. We encrypt database backups. Our server drives are encrypted with a data key using the industry-standard AES-256 algorithm. In addition, we implement high availability architecture and a web application firewall. We have detailed logging and auditing in place. All data is encrypted both at rest and in transmission. Our database is encrypted using the 256-bit Advanced Encryption Standard (AES-256).
TheraPlatform runs on servers that are monitored 24/7, 365 days a year with strict physical and technical policies and procedures at the server facility. These include: surveillance with CCCTV ; professional security guards with appropriate background checks and utilization of biometric scanners, surveillance, detection system and sound alarms and much more!
Mechanisms to address power outages, climate, temperature changes, and fire are also implemented by the server facility to ensure continuity of service.
TheraPlatform provides encrypted database backups on daily bases per HIPAA regulations.
TheraPlatform’s security program includes regular risk assessment as required by HIPAA with HIPAA’s recommended assessment tool and documentation.
TheraPlatform provides business associate agreement (BAA) with no additional charge.