Healthcare information is the most sensitive data to collect and retain. This poses unique challenges for CRM providers looking to offer their services to healthcare and life sciences companies.Â
To demonstrate our commitment to ensuring all data captured and contained within the FreeAgent platform is safe and secure, FreeAgent CRM has worked closely with IRClass Systems and Solutions to achieve HIPAA compliance.
HIPAA (Health Insurance Portability and Accountability Act) compliance entails a variety of methods and best practices to ensure customer data security. Below are a few of the steps FreeAgent has taken to become a HIPAA compliant CRM:
- In-Transit data encryption- All inbound and outbound communication outside of our private data network is always encrypted using secure TLS 1.2/1.3 protocols.
- At-Rest data encryption- Data stored on servers in our private network is always encrypted using secure AWS KMS technology with periodically rotated keys, ensuring that physical access to disk storage is completely secured.
- ePHI (Electronica Protected Information)- All data is secured with robust access controls including Role Based Access controls (RBAC), Multi-Factor Authentication (MFA), and periodic access reviews.
- Backups- Automatic backups ensure the ongoing availability and security of data and systems.
- System logs- We store access logs and event logs to track all the login attempts and changes made to data.
- HIPAA security personnel- We have designated HIPAA security personnel in place, implementing policies and procedures to prevent, detect, contain, and correct breaches of ePHI.
At FreeAgent, trust is a non-negotiable value. We work hard to demonstrate this to our customers, our partners, and our employees.
It is a key part of our ongoing commitment to lead the way to a better work day.
Visit the FreeAgent Security page to learn more.
