The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.

If HIPAA applies to your business, it is considered a “covered entity”, and if you are using Sirvoy to handle patient information, then Sirvoy Ltd will be considered a “business associate”. Sirvoy is compliant with HIPAA and its privacy and security rules. (Please see related articles for more information about privacy and security.)

You may request a specific “business associate agreement” by contacting Sirvoy Support.

Note: It is best practice to minimize the amount of patient information entered into Sirvoy. For example, contact details will usually be necessary in relation to managing accommodation, while information about medical condition and treatment is not.