Our Commitment to Protecting Health Information
EliteMD is committed to maintaining the privacy and security of protected health information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA). When patients submit inquiries to doctors through our platform, the information shared may constitute PHI, and we handle it with the highest security standards.
Technical Safeguards
EliteMD implements comprehensive technical safeguards including: 256-bit AES encryption for all data at rest, TLS 1.3 encryption for all data in transit, multi-factor authentication for doctor dashboard access, role-based access controls, automated audit logging of all data access, regular penetration testing and vulnerability assessments, and SOC 2 Type II certified cloud infrastructure.
Administrative Safeguards
Our administrative safeguards include: designated HIPAA Privacy and Security Officers, annual HIPAA training for all staff, Business Associate Agreements (BAAs) with all vendors, incident response procedures, and regular risk assessments.
Patient Rights Under HIPAA
As a patient using EliteMD, you have the right to: access your health information held by EliteMD, request corrections to inaccurate information, receive an accounting of disclosures of your PHI, request restrictions on certain uses of your information, and file a complaint if you believe your privacy rights have been violated.
Doctor Responsibilities
Doctors using EliteMD's dashboard to receive patient inquiries are responsible for maintaining HIPAA compliance in their practices and protecting any PHI received through our platform.
Questions About HIPAA Compliance
If you have questions about our HIPAA compliance practices or wish to exercise your rights, please contact our team.
Contact Our Team
Have questions about finding the right specialist? Our patient concierge team is here to help you navigate your healthcare journey.