HIPAA Compliance and ActiveDEMAND

Getting a BAA for HIPPA Compliance

ActiveDEMAND has a strong focus on security. For customers in the healthcare sector who process Electronic Personal Health Information (ePHI), ActiveDEMAND can help support compliance by executing a Business Associate Agreement (BAA) along with the customer.

For customers who are processing ePHI and are bound by HIPAA, they have to follow mandatory steps to establish a Secure Operating Environment (SOE).
Steps include:

SOE Compliance

Restrict Access

ActiveDEMAND supports multiple roles with different access capabilities. To reduce risk, employees and agents should only have the minimum access levels required to do their job.

IP Whitelisting

Whitelist IPs to only those users who should be able to access the platform.

Agent end-point computer security

Keep employee and agent end-points (computers, phones, any device used to access ActiveDEMAND) secure. The software must remain up to date and logins must be appropriately difficult to attack. Consult your IT company for structure on securing end-point access.

SSL

Using secure SSL communication is required. ActiveDEMAND requires the use of secure HTTPS and SSL to access the platform.

Mandatory Two-Factor Authentication (2FA) and password complexity

2FA and password complexity standards must be configured inside ActiveDEMAND and enforced on users.

User Data Rights

ActiveDEMAND supports user data rights. Customers can configure ActiveDEMAND to allow end-users to download and/or request deletion of their data (similar to a “Forget me” request in GDPR or personal data deletion requests in CCPA)

Book a free demo

Case Study

Testimonial

­

5-star   Reviews by G2 Crowd

"ActiveDEMAND is a true partner to DTE. We have enjoyed working with them for the last year. They have made very positive recommendations in our marketing efforts and have helped us grow our business. Their software platform is easy to use and intuitive. I enjoy working with their staff and learning from them."

Kelly Hicks, Information Technology Manager, DTE

Free Demo