Security is our Priority
When it comes to your customers' data, security always comes first. Above all else, Loyal ensures the confidentiality of every piece of electronic protected health information (ePHI) we touch.
Loyal is HIPAA compliant
HIPAA simply demands compliance with the general rules within it, specifically the Security Rule, the Privacy Rule and the Breach Notification Rule. Loyal supports HIPAA compliance (within the scope of the Business Associate Agreement), but ultimately complying with HIPAA is a shared responsibility between the customer and us. The steps Loyal takes to ensure HIPAA compliance are listed below:
Data is encrypted in transit by employing TLS 1.2+
Data is encrypted at rest; our hardware is hosted in the United States utilizing HIPAA-compliant cloud services and encrypted using AES-256
API integrations are secured using an Authorization HTTP header and a Bearer authentication scheme
If you are utilizing our products, we've already cleared your IT department's security audit
If you're working with us, it means we have also secured a Business Associate Agreement (BAA) with your Legal team
Our products give you the tools to administer users and their access and control
Our team completes mandatory HIPAA training, and we continue to invest in an ongoing training curriculum for all of our employees
We leverage HIPAA-compliant tools, i.e. Zoom, so that we can communicate with you in a responsible and secure way
For more information on how we protect your and your patients' security, contact us here.