What is HIPAA Compatible?
HIPAA compliance comprises of technical safeguards as well as procedural. Our Uni-Share system is built within the Microsoft 365 environment, which has the tools to become fully HIPAA compliant.
A key piece of HIPAA compliance is obtaining a Business Associate Agreement (BAA) with the third party in control of the service environment. Microsoft offers a BAA for their 365 environment.
Below are the technical safeguards required for HIPAA compliance, and how Uni-Share can fulfill them.
HIPAA Compliance Technical Safeguards
A covered entity must implement technical policies and procedures that allow only authorized persons to access electronic protected health information (e-PHI).
45 C.F.R. § 164.312(a).
Uni-Share uses Microsoft 365 authentication to control access to PHI.
A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI.
45 C.F.R. § 164.312(b).
The Microsoft 365 platform offers a variety of log collection and alert tools.
A covered entity must implement policies and procedures to ensure that e-PHI is not improperly altered or destroyed. Electronic measures must be put in place to confirm that e-PHI has not been improperly altered or destroyed.
45 C.F.R. § 164.312(c).
The Microsoft SharePoint offers a variety of document version controls and user permission controls.
A covered entity must implement technical security measures that guard against unauthorized access to e-PHI that is being transmitted over an electronic network.
45 C.F.R. § 164.312(e).
The Microsoft SharePoint offers a variety of document version controls, user permission controls, and a recycle bin.