Categories
Is SlickText HIPAA Compliant?
HIPAA Compliant Security and Protection
HIPAA does not expressly require the use or avoidance of any specific modes of communication. Thus, HIPAA does not expressly prohibit (or even mention) texting. However, HIPAA does require certain safeguards such as security and encryption steps to protect the patients privacy and information transmitted and stored.
Use of the SlickText platform and messages sent are within and above HIPAA compliance requirements. Everything you do on the SlickText platform is encrypted and secured. Messages composed and sent are encrypted until they reach the cellular provider and at that point it is up to them to keep your text message secure (which they do).
SlickText also has everything necessary to satisfy administrative safeguards such as 2-step authentication for internal employees and password protected accounts for users. It's also important to mention that all subscribers' numbers are stored in a database encrypted at rest, and are protected by a tightly managed firewall. We use a 256 bit AES government standard encryption with random initialization vectors to ensure data cannot be unencrypted without our key.
It is also important to note that we NEVER store any credit card information. All other sensitive information is encrypted as well.
