HIPAA compliant messaging
Confidentiality – With OnPage messages are SSL encrypted in transit and 256AES encrypted at rest in our database.
Integrity – With OnPage the full message can be viewed only by the receiver and the sender and cannot be altered. For enterprises – additional to Sender and Receiver, only authorized personnel Super Admin can view message content.
Availability – With OnPage messages are retained on our servers for 6 years.
OnPage – HIPAA compliant messaging
OnPage is HIPAA Compliant and maintains reasonable and appropriate administrative, technical, and physical safeguards for protecting e-PHI.
Specifically, covered entities must:
> Ensure the confidentiality, integrity, and availability of all e-PHI created, received, maintained or transmited
> Identify and protect against reasonably anticipated threats to the security or integrity of the information – Database is located in a secure SAS70 certified, SSAE 16 compliant hosted location
> Protect against reasonably anticipated, impermissible uses or disclosures – With OnPage, message content cannot be compromised by OnPage’s general employees as it is encrypted. Enterprises can remote-wipe the OnPage messages on the device in case it gets lost or stolen
> Ensure compliance by their workforce – Every new employee gets trained regarding HIPAA rules upon joining the company
Miguel A. Cano, MD, FACOG
Adventist Health Center
Susan E. Moynihan, MD
North Shore Physicians Group