We love having health care businesses join our family, and we totally respect the guidelines that you need to follow. First and foremost, Schedulicity takes security and privacy very seriously. We’re a very transparent and honest company and we strive to keep the interests of your business and your clients at the center of what we do.
You may already know this, though ultimately, HIPAA compliancy is upheld through business practices rather than through a tool or software. Since Schedulicity is a tool, we're not able to be HIPAA compliant, so that's really up to each business's practices. Let's dig into all those nitty gritty details and what to keep in mind:
- HIPAA Privacy Rules focus on protections for personal health information held by covered entities and gives patients certain rights with respect to that information. Software tools and software services cannot be HIPAA-compliant, simply because software is a tool and not a business practice. It is important to understand that the term "HIPAA Compliance" refers to an organizational obligation and procedural integrity, but not to a technical specification or particular software tool. HIPAA regulations do not apply to Schedulicity as Schedulicity does not perform insurance or related transactions (HIPAA transactions), and does not collect any medical history.
With that said, we do absolutely take security and privacy very seriously. Here is a list of Schedulicity features that will help determine if Schedulicity is a good fit for your business:
- When your clients schedule online reservations at Schedulicity.com, they are unable to see any other reservations that exist on your service provider calendar.
- A client must create a username and password to create an online reservation. A client can see only reservations made using this username and password when he or she logs in at Schedulicity.com.
- As a service provider, only users with a valid business username and password can access your calendar, reports, and other business information.
- As either a service provider or client, Schedulicity conducts your entire session across an SSL-encrypted channel.
- All client demographic and reservation data is stored in a secure database and is accessible only to those with the correct username and password. Note, however, that this data is not encrypted.
Please note that the following information is unencrypted in Schedulicity:
- Reservation confirmation and reminder text messages and emails that include the client’s name and/or scheduled service.
- Reservation notification emails and text messages that are delivered to service providers and include the client’s name and scheduled service
We hope that this information will provide you with details to help make your decision if we are a good fit for your business.