Stay HIPAA compliant with Zoho Connect
Overview
The Health Insurance Portability and Accountability Act, HIPAA, requires Covered Entities and Business Associates to take certain measures to protect an individual's health information that are collected, accessed, processed, and stored when at rest or in transit.
Zoho Connect does not collect, use, store, or maintain health information protected by HIPAA for its own purposes. However, as a Business Associate, Zoho Connect ensures its customers can comply with HIPAA.
HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with its Business Associates. You can request our BAA template by sending an email at legal@zohocorp.com.
Zoho Connect provides the following features that allow administrators to implement a HIPAA compliant intranet for their organization.
Labelling of ePHI
Network admins can mark the user profile fields that might contain any protected health information (ePHI) as 'personal information' and encrypt them for additional security. Encrypting personal information prevents unauthorized access to confidential data.
While creating an app using Custom Apps in Zoho Connect, the app creator can mark any field that might contain health information as 'contains health info (ePHI)' to ensure the data is encrypted.
The data in the following entities — tasks, events, and polls and the titles of Posts, Forums, Groups, Manuals, Articles are not considered as ePHI.
Data encryption
All data in your network are stored on Zoho Connect servers in an encrypted format. Zoho Connect uses one of the strongest and secure ciphers such as, AES (Advanced Encryption Standard), to encrypt sensitive data and AES-256 to secure data stored on our servers. This ensures that your data is protected from unauthorized access, disclosure, or modification. In addition to this, the data stored is Encrypted At Rest (EAR) and all data transfers in the web happen in secure mode (HTTPS) for utmost security.
Audit logs to track data sources and modifications
Zoho Connect has extensive Audit Logs to record the activities in your network. This helps admins to track and monitor deletions and modifications in the network and user data at any time. Furthermore, Edit History keeps a detailed record of changes made to the posts, and manuals in your network.
Audit logs for modifications made in Custom Apps are currently not available.
Data backup and retention
All your network data and audit logs are stored in our secure servers which will be available to you for legal and compliance purposes. The highly secure physical controls at data centers and transit level encryption ensure that your data stays well protected. The administrators can also take periodic backup of network data, based on their requirements and store it in their local storage.
The Audit Logs and ePHI data are available for a period of 1 year.
Data Deletion
Users in the network can delete the posts, comments, attachments, manuals, groups, events, and town halls shared and created by them. However, a copy of deleted items will be available in the trash of each module and only network admins can access it.
The option to label ePHI as personal information, audit logs, edit history, and Trash to store deleted data are available only in paid plans of Zoho Connect. Click here to view pricing.
Disclaimer: The information presented herein should not be taken as legal advice. This article is written to help organizations understand how Zoho Connect can enable them to be HIPAA compliant. We urge you to contact your legal advisor to know how HIPAA is applicable, its impact on your organization, and the processes involved to be HIPAA compliant.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho SalesIQ Resources
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
New to Zoho DataPrep?
Zoho DataPrep Resources
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Bigin?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
Related Articles
Integrating Zoho Meeting and Zoho Connect
What is Zoho Meeting? Zoho Meeting is an online conferencing solution that lets you conduct screen-sharing sessions, and make audio or video calls to your team members. Using this integration, you can start a session with any of your Connect groups ...Integrating Zoho ShowTime with Zoho Connect
What is ShowTime? Zoho ShowTime is a training tool that lets you deliver your presentations and gain feedback on a secure cloud platform. This tool also allows members who work from a different location to join your session. Learn more about ...Integrating Asana with Zoho Connect
Overview The Asana integration with Zoho Connect helps you to stay updated on your Asana tasks without having to switch between tabs. What is Asana? Asana is a web-based task management software that helps you manage, track, and organize your ...Inactive networks in Zoho Connect
What is an inactive network in Zoho Connect? A Zoho Connect network is considered to be inactive when there has been no activity/login recorded for 120 days. Only the networks subscribed to Zoho Connect's free plan will be checked for inactivity. ...Integrating Zoho People with Zoho Connect
What is Zoho People? Zoho People is an online Human Resource Management System designed to manage and access all your employee data from a centralized location. Using this integration, your organization's data such as users, designations, ...