Introduction

At TeamDoctor, we prioritize the privacy and security of health information. Recognizing the importance of compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), we are committed to ensuring that our platform meets the necessary standards to protect Protected Health Information (PHI).

Platform Infrastructure and HIPAA Compliance

TeamDoctor is powered by GoHighLevel (GHL), a platform that offers a HIPAA compliance upgrade. By default, GHL accounts are not HIPAA compliant. However, once the HIPAA compliance add-on is purchased and enabled, it applies to all location accounts within your agency and cannot be deactivated. This upgrade includes the execution of a Business Associate Agreement (BAA) between GHL and the agency, ensuring that the platform meets HIPAA requirements for handling PHI.

We have taken the necessary steps to enable HIPAA compliance on our GHL account, including the purchase of the HIPAA compliance add-on and the execution of the BAA with GHL. This ensures that our platform is equipped with the required safeguards to protect PHI.

Our Commitment to Privacy and Security

With HIPAA compliance enabled on our platform, TeamDoctor has implemented the following measures:

Data Encryption: All data is encrypted both in transit and at rest.

Access Controls: Role-based access controls ensure that only authorized personnel can access PHI.

Audit Logs: Comprehensive logging of user activities to monitor access and changes to PHI.

Secure Hosting: Data is hosted in secure, HIPAA-compliant environments.

Employee Training: Staff are trained on HIPAA regulations and the importance of protecting PHI.

Incident Response Plan: Procedures are in place to respond to any potential breaches or security incidents.

Business Associate Agreements (BAA)

TeamDoctor is prepared to enter into BAAs with Covered Entities and Business Associates as required. These agreements outline our responsibilities in safeguarding PHI and ensure compliance with HIPAA regulations.

To request a BAA, please contact us at:

Email: [email protected]

Client Responsibilities

While TeamDoctor provides a HIPAA-compliant platform, clients are responsible for:

Proper Configuration: Ensuring that their use of the platform aligns with HIPAA requirements.

Data Management: Avoiding the storage or transmission of PHI outside of the secured environment.

Training: Educating their staff on HIPAA compliance and proper handling of PHI.

Policies and Procedures: Implementing internal policies that support HIPAA compliance.

Clients should consult with their legal or compliance advisors to ensure that their use of TeamDoctor aligns with all applicable HIPAA obligations.

Disclaimer

Enabling HIPAA compliance on the TeamDoctor platform ensures that the necessary technical safeguards are in place. However, HIPAA compliance is a shared responsibility. Clients must ensure that their use of the platform, including the data they input and how they manage access, complies with HIPAA regulations.

Contact Us

For questions about our HIPAA compliance or to request a BAA, please contact:

Email: [email protected]

Website: https://teamdoctor.com