HIPAA Compliance with Zoho Sites
The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach Notification Rule, and the Health Information Technology for Economic and Clinical Health (HITECH) Act) ("HIPAA") requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also grants certain rights to individuals. Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes. Zoho Sites provides features to help its customers use Sites in a HIPAA-compliant manner. HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with their Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com. Zoho Sites provides the following features and controls that allow administrators to implement a website in a HIPAA-compliant manner for their organization. Note that these features are building blocks: a site is HIPAA compliant only when the administrator configures them correctly and the organization's own policies and BAA cover the rest.
SSL Certificate
Transport Layer Security (TLS), the successor to the Secure Sockets Layer (SSL) protocol, establishes an encrypted link between the web server and a web browser; it provides encryption in transit. With Zoho Sites, business owners can install their own certificate or obtain one from Let's Encrypt at no cost. TLS provides confidentiality, server authentication, and integrity for a website. The browser authenticates the server by validating the certificate chain up to a certificate authority it trusts and by checking that the certificate matches the site's hostname. Integrity is enforced by the TLS record layer: every record carries an authentication tag (a MAC or, with ciphers such as AES-GCM, an AEAD tag) that the browser verifies before accepting the data, so a web page or form submission cannot be altered in transit without the browser detecting the tampering and aborting the connection with an error. Two caveats for ePHI: traffic can still be observed on the wire, it just cannot be read or modified, and a certificate protects data only while it moves between browser and server. Make sure every page that collects or displays ePHI, including all forms, is served exclusively over HTTPS, and rely on the controls below for data once it is stored.
Member Portal & Access Restriction
Zoho Sites provides role-based access to the features available. The member portal contains an access control list through which the website owner can grant access to restricted pages or files to only a selected set of members. This gives the website owner full authority over users' access permissions, and users without the appropriate role cannot view or use the administrator's functions. For ePHI, apply least privilege: grant each member only the pages and files their role requires, and review the list when members change roles or leave.
Audit Trail
The Audit page lets administrators review the site-builder activities that have been recorded. Logs are retained for 6 months and can be exported as CSV files. All write operations involving ePHI and sensitive read operations such as exports are recorded in the Zoho Sites audit trail. Because HIPAA's documentation retention requirement is six years, export the audit CSV on a regular schedule and archive it under your own retention policy before entries age out of the 6-month window.
Forms
Zoho Sites forms can be used to collect ePHI. Fields that collect ePHI can be marked as sensitive, and field encryption can be enabled so that the values of those fields are stored encrypted rather than in clear text. When form data is exported, the ePHI fields can be withheld from the export. Mark every field that could hold PHI, including free-text comment fields, and treat any export that does include ePHI as PHI itself, with the same access and retention controls as the form data.