If you read our blog, you know that SundaySky treats issues concerning privacy and data security with the utmost importance. Therefore, we take great pleasure in announcing that we are now HIPAA compliant, an important development for our healthcare and insurance clients and a differentiator for us among personalized video marketers.
The Health Insurance Portability and Accountability Act (HIPAA) outlines a set of regulations in the safeguarding of sensitive patient data. To ensure HIPAA compliance, companies that use protected health information (PHI) must store it in a secure environment, know its location and know who can access it and when.
At the request of our customers in the health insurance industry, SundaySky became HIPAA compliant with upgraded architecture components, stricter access controls and data encryption technology. We also instituted some new security measures for our staff, including procedures on corporate passwords, business continuity and personal data storage on mobile devices. All of these improvements helped SundaySky to become compliant with the rules of HIPAA.
The process is simple: SundaySky uses a third-party audited HIPAA compliance program in which an external auditor (Ernst & Young) verifies a list of controls related to HIPAA compliance. In the annual SOC 2 report, Ernst & Young identifies the controls for HIPAA that have been checked and confirms that SundaySky is HIPAA compliant.
People, processes and technology are the key to HIPAA compliance – so feel safe in knowing that SundaySky is more compliant than ever.