HIPAA Compliance at EasySignage

Effective Date: 15 Jun 2024

Overview

EasySignage is committed to supporting customers in the healthcare industry by offering services that align with the requirements of the Health Insurance Portability and Accountability Act (HIPAA). When customers manage Protected Health Information (PHI) through our platform, we ensure proper safeguards are in place as defined by HIPAA.

Business Associate Agreement (BAA)

EasySignage offers a standard Business Associate Agreement (BAA) for covered entities and business associates who need to ensure HIPAA compliance. To request a BAA, please contact support@easysignage.com.

Administrative Safeguards

• HIPAA awareness training for staff.
• Internal access policies and procedures to ensure only authorized personnel can access PHI.
• Breach response and incident management plans.

Technical Safeguards

• Encryption in transit (TLS) and at rest using Google Cloud Platform’s native services.
• Role-based access control and user authentication.
• Comprehensive audit logs and activity tracking.
• Secure API endpoints and HTTPS-only communication.

Physical Safeguards

• All infrastructure is hosted in Google Cloud HIPAA-compliant data centers.
• Access to facilities is strictly limited and monitored by our cloud provider.

Our Responsibilities

EasySignage does not access, store, or use PHI unless explicitly required by the customer and governed by a signed BAA. Customers are responsible for ensuring that PHI uploaded or displayed via EasySignage is handled in compliance with applicable laws.

Contact for HIPAA Inquiries

For questions regarding HIPAA compliance & security contact us at:
Email: support@easysignage.com
Phone: +61 2 8006 2699