Nurse-1-1 treats your personal health information just like you would treat it! That’s why we are HIPAA compliant, and then some.
When using Nurse-1-1, the last thing we want people to worry about (being sick is worry enough) is who might accidently see the very personal information they share with a Health Expert. Which is why we go to great lengths to ensure that personal information stays secure and protected.
So, what the heck is HIPAA anyway? HIPAA is a public law put forth by the United States government that includes a set of general guidelines to help protect people’s personal health information (PHI). These guidelines include technological ones as well as logistical ones (administrative and physical safeguards). We work closely with our healthcare partners (through Business Associate Agreements also known as “BAA”) to ensure all users of Nurse-1-1 can rest easy that there health information is just that, theirs.
Nurse-1-1’s Technological Standards
- All Nurse-1-1 chats are encrypted end-to-end, both in transit and at rest. We use AES 256 CBC encryption. Encryption means all messages sent in a chat are turned into unreadable codes until unencrypted.
- Nurse-1-1 encrypted data is hosted by Amazon Web Services utilizing their AWS HIPAA-compliant services and encrypted using AES 256 CBC. Nurse-1-1 and Amazon Web Services have an executed BAA in place.
- All Nurse-1-1 Health Experts have a unique username and password and must undergo authentication in the case of lost passwords.
- Currently, only authorized senior level Nurse-1-1 personnel are able to handle accounts and access encrypted PHI. Nurse-1-1 healthcare partners can request specific health information if authorized by the user.
- Nurse-1-1 logs all activity on our application and regularly audits the logs to ensure no abnormal/suspicious use is occurring.
Nurse-1-1’s Logistical Standards
- All of Nurse-1-1’s Health Experts undergo a thorough evaluation process by Nurse-1-1 senior personnel prior to participating in any chats. This process includes taking Nurse-1-1’s HIPAA training and agreeing to abide by Nurse-1-1’s strict HIPAA policies and procedures.
- All of Nurse-1-1’s workforce undergo HIPAA training on an annual basis whether or not they come in contact with PHI at any time.
- All healthcare partners using Nurse-1-1’s applications sign our BAA.
Nurse-1-1’s Independent Certifications
- HiTrust CSF Self Assessment
If you have any questions, please contact as at firstname.lastname@example.org