Listing 3 Results for “CRM Services”
The Salesforce platform can be set up to meet HIPAA compliance standards through certain features that help keep Patient Health Information (PHI) secure in the cloud. Salesforce complies with the HIPAA Security Rule, including administrative, physical, technical, organizational, and documentation safeguards to protect PHI.Customers can meet strict HIPAA security requirements using customer-controlled security features through Salesforce Covered Services. Additionally, Salesforce has core security safeguards such as data encryption in transit, ongoing monitoring for security violations, and audit logging to identify changes in activity. Customer administrators can use configurable tools to- Define permission sets that govern the visibility of data- Maintain strict password security- Monitor field level history- Set security rules to manage data access- Define a company-wide sharing model and role hierarchyIn addition to permission sets, customers can define user profiles to limit data record access to authorized employees. It’s a good idea to use the premium set of Salesforce features known as “Salesforce Shield.” These features provide extra monitoring, encryption, and auditing. You might need to enable other features or additional services to ensure the protection of PHI when information is in transit.If you’re planning to use Salesforce for patient information, reach out to your account representative for a signed Business Associate Agreement (BAA). The account representative can also advise you on specific features and settings for HIPAA compliance.
Zoho’s website provides limited information about HIPAA compliance. Even though its tools aren’t for healthcare entities specifically, many of the security features may meet HIPAA requirements.These cloud-based services are comparable to those in Office 365 and G Suite, with secure solutions for word processing, custom applications, project management, live chat, app integration, and an IoT management platform.The company offers technical, physical, and administrative safeguards for all services, but there are questions about whether these privacy features are sufficient for HIPAA regulations.Zoho is willing to sign a Business Associate Agreement (BAA), but the company clearly states that its apps aren't built for the healthcare industry. Responsibility for compliance remains with the customer.For now, covered entities should check with Zoho for specific security features and updates on each of the available tools.
HubSpot isn’t a HIPAA-compliant service, so covered entities shouldn’t use it for PHI. On HubSpot’s terms of service page, the company states that its services don’t comply with industry-specific regulations like HIPAA.HubSpot is clear that customers may not use its services for communications that are subject to these laws. The terms of service forbid the processing or storage of sensitive health information.Also, HubSpot won’t sign a Business Associate Agreement (BAA), which is a requirement for HIPAA compliance.