The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also provides certain rights to individuals. Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes.
Zoho Commerce provides features (as described below ) to help its customers use Zoho Commerce in a HIPAA compliant manner.
HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with its Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com.
Member Portal & Access Restriction
Zoho Commerce provides role-based access to the features available. The member portal contains an access control list, where the store owner can restrict the website's access to employees/visitors. This allows the store owner to have complete authority over user's access permissions. Not all users can view or access the administrator's functions.
SSL Certificate
With Zoho Commerce, business owners can install their own SSL Certificates or purchase one from 'let's encrypt' for free. SSL protocol provides encryption, authenticity, and integrity for stores created through Zoho Commerce. More details available on this help link.
Audit Trail
The Audit page allows users to review the builder activities that have been recorded. Logs are available for up to 6 months. Logs can be exported as csv files. All write operations involving ePHI and sensitive read operations like export will be available in the Zoho Commerce Audit Trail. We will provide audit log to user based on request. Users can request by sending mail to Zoho Commerce Support Team.
Forms
Zoho Commerce's forms can be used to collect ePHI data. The form fields can be marked as sensitive while collecting ePHI data(link). Field encryption option can be applied for ePHI data collected. While exporting the form data, ePHI data can be withheld. Form data is not stored by Zoho Commerce. The Zoho Forms service is integrated with Zoho Commerce.
Custom Fields
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
Write to us: support@zohoforms.com