HIPAA Compliance

When it comes to the management of protected health information (PHI), CentricMinds meets the privacy and security rules for the Health Insurance Portability and Accountability Act (HIPAA).

The CentricMinds platform, when deployed in standard and/or high availability mode, uses AWS HIPAA Eligible Services.

These services encompass the following:

  • Elastic Load Balancing
  • Amazon Elastic Compute Cloud (Amazon EC2)
  • Amazon Elastic Block Store (Amazon EBS)
  • Amazon Relational Database Service (Amazon RDS) (MySQL)

This cloud stack satisfies the HIPAA requirement that Protected Health Information (PHI) content and data be encrypted while at rest or in transit.

CentricMinds also provides:

  • Use of SSL Certificates for browsing under HTTPS
  • Multi-factor authentication
  • Granular security model and session timeout management
  • Encrypted configuration information

Our Infrastructure Service Level Agreements cover:

  • Regular (and documented) security audits
  • Scheduled penetration testing
  • Installation, monitoring and use of antivirus software