wellness4one Enterprise: Secure Employee Data
HIPAA and HITECH compliant employee data transmission and storage
The HIPAA and HITECH acts set high legal requirements for collecting, storing and transmitting employee protected health information (PHI or ePHI). wellness4one fully complies with these laws through
a number of processes designed to keep your employee data secure. To start, wellness4one collects the minimum amount of information on members necessary to provide an effective health and wellness system.
Next, access to employee data is restricted to the members themselves with some exceptions granted for wellness program administrators and possibly personal trainers and dietitians assigned to that individual.
In addition, wellness4one provides the secured socket layer protocol for all PHI transmissions to and from the browser and all
PHI data is stored using AES encryption. Furthermore, All wellness4one hardware is operated out of secure facilities with restricted access.
Following HIPAA and HITECH requirements consists of a series of procedures and cannot simply be managed by technology alone. wellness4one.com is dedicated to keeping your employee PHI safe.
A partial list of wellness4one Enterprise Secure Data features at a glance
|
Feature |
Description |
|
Secure System Access |
All access to wellness4one data through authenticated and authorized Member Names. When creating a member account, a user will create a member name and password. They will then use this member name
and password when accessing their account information. Administrators may assign personal trainer or dietician access to a group which will grant specified members privileged access to create, view and edit member
workout logs, calorie logs, evaluations and reports.
|
|
Secure Data Transmission |
Secured Socket Layers (SSL) is a widely used transmission protocol to ensure that data passing between the member's browser and our web servers is encrypted and cannot be deciphered en-route.
|
|
Secure Data Storage |
For added safety, before PHI data is sent over the Internet for storage at wellness4one.com, it is first encrypted using the AES standard. All PHI data stored on our databases is encrypted using AES as well. |