Is Sumac HIPAA compliant?

Is Sumac HIPAA compliant?

General

Sumac supports all the technical requirements that enable an organization to be in compliance with the requirements of the HIPAA standard.

Details

The basic things that Sumac does to comply with HIPAA are:

a. require passwords and user profiles that restrict visibility of the data to authorized users

b. encrypt connections between Sumac and the database

c. provide mechanisms for updating information in the database

d. log access to the information in the database

e. do all the above things securely (the security of these things that is required for Sumac's PA-DSS certification exceeds what the HIPAA standards require)

In the case of HIPAA, most of the requirements are imposed on the organization (i.e. the organization using Sumac), not the Sumac software itself. A Sumac user that leaves print-outs of medical history lying around on their desk is not complying with HIPAA (unless access to their desk is controlled), even though the Sumac software enables them to comply.


    Societ Academy

    Learn what you need to know, any time. Free!



    • High quality training on demand - sessions are available every day, so you can access training that fits into your schedule.
    • Training sessions that are easy to follow - helpful tips throughout each session, and access to training moderators ensure your questions get answered.
    • A certificate of completion - you can request a certificate of completion for every session you attend.