HIPAA Compliance and Security

Your trust is important to us.

HealthLoop is committed to ensuring the privacy, confidentiality, security, integrity, and availability of patient data it receives and/or stores.

HealthLoop maintains privacy and security policies consistent with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and signs a Business Associate Agreement with each of its customers. HIPAA policies and compliance with HIPAA procedures are audited annually by a third-party auditor.

Details of HealthLoop’s privacy practices are available in its Notice of Privacy Practices.

HealthLoop’s application infrastructure meets or exceeds HIPAA requirements. It is built on the HIPAA-compliant and HITRUST-certified Stratum Platform-as-a-Service from Catalyze.

HealthLoop’s software undergoes annual penetration and vulnerability testing and employs a wide array of monitoring, scans, and audits to detect any system irregularities or intrusion attempts.

HealthLoop commits to a service-level agreement (SLA) of 99.9% and maintains and periodically tests plans for Disaster Recovery, Incident Response, and Risk Management.

In addition, HealthLoop maintains a Red Flag program to help prevent the use of HealthLoop software or services for identity theft.

Questions?  Please contact us.