When it comes to your customer’s data, security always comes first. Above all else, Loyal ensures the confidentiality of every piece of electronic protected health information (ePHI) we touch.
HIPAA simply demands compliance with the general rules within it, specifically the Security Rule, the Privacy Rule and the Breach Notification Rule. Loyal supports HIPAA compliance (within the scope of the Business Associate Agreement), but ultimately complying with HIPAA is a shared responsibility between the customer and us. Below are the steps Loyal takes to ensure HIPAA compliance:
Loyal has successfully completed its SOC 2 Type 2 audits for controls relevant to security, availability, and confidentiality. This means that an independent third party has both validated our processes and practices with respect to these three trust services criteria and confirmed our ability to maintain compliance with the controls we’ve implemented.