How This App Protects Your Privacy

DreamCloud Psychiatry App and HIPAA Compliance

Dear Valued Users,

We understand the importance of maintaining the privacy and security of your personal health information when using the DreamCloud Psychiatry mobile app. To ensure that we adhere to the highest standards of data protection and comply with the Health Insurance Portability and Accountability Act (HIPAA), we have implemented the following comprehensive measures:

Data Encryption: Your privacy is of utmost importance to us. To guarantee the confidentiality of your data, we employ state-of-the-art encryption protocols. This means that any information you transmit to or store within the app is scrambled into unreadable code, both during transmission and while at rest on our servers. This encryption makes it virtually impossible for unauthorized parties to access or decipher your sensitive health information.

Access Control: We take strict measures to control who can access your patient records. Only authorized individuals, such as your healthcare provider and our trusted staff, are granted access. User authentication methods, including unique usernames and passwords, ensure that only those with the proper permissions can view your data. Role-based permissions further restrict access, ensuring that your information is only accessible to those who need it for your treatment.

Secure Communication: Your interactions with your healthcare provider are sensitive and confidential. To protect these interactions, we utilize secure communication channels within the app. This ensures that any messages, video calls, or other forms of communication you have with your provider are shielded from interception and eavesdropping by unauthorized parties.

Audit Trails: Transparency and accountability are central to our HIPAA compliance efforts. We maintain comprehensive audit trails that meticulously record all activities within the app. This includes who accessed your information, when they accessed it, and what actions they performed. These logs serve as a critical tool for tracking and monitoring access to your patient data.

Data Backup and Recovery: Your data's availability and integrity are crucial. To ensure continuity of care, we perform regular data backups. Additionally, we have a robust disaster recovery plan in place. This means that in the event of any unforeseen circumstances, such as a server failure or natural disaster, your data remains safe and accessible.

Data Minimization: Our commitment to HIPAA compliance extends to the principle of data minimization. We only collect and store the minimum necessary patient information required for your treatment and billing purposes. This approach aligns with HIPAA's guidelines for limiting the amount of personal health information that is collected and maintained.

Training and Awareness: Every member of our staff and provider network undergoes rigorous training in HIPAA regulations and privacy practices. This training ensures that all individuals involved in your care are well-versed in the rules and standards governing the protection of your sensitive health information.

Incident Response: While we take extensive precautions to prevent data breaches, we also have a well-documented incident response plan in place. In the unlikely event of a data breach or security incident, this plan guides our actions to mitigate risks, address the situation promptly, and inform affected parties, including regulatory authorities, as necessary.

Business Associate Agreements: We understand the importance of safeguarding your data when working with third-party vendors. To ensure your data remains secure, we establish HIPAA-compliant business associate agreements with these vendors. These agreements require them to adhere to the same high standards of data protection as we do.

Patient Consent: Your informed consent is a fundamental aspect of our data handling practices. Before using the app, you are provided with clear information about how your data will be used and protected. Obtaining your consent ensures that you are fully aware of and agree to our privacy policies.

Access Requests: As a patient, you have the right to request access to your medical records and request corrections to them if necessary. We are committed to facilitating this process in accordance with HIPAA guidelines to ensure the accuracy and completeness of your health information.

Compliance Monitoring: To maintain the highest standards of HIPAA compliance, we conduct regular audits and assessments of our systems and processes. This ongoing monitoring ensures that we remain in full compliance with all relevant regulations and standards.

Your trust in DreamCloud Psychiatry is of utmost importance to us. By implementing these comprehensive measures, we prioritize the privacy and security of your data, aligning with HIPAA regulations and standards. If you have any questions or concerns regarding our HIPAA compliance policy, please do not hesitate to reach out to us.

Sincerely,

Chris Lee PMHNP-BC, CEO, DreamCloud

Last revised 20 JUN 2024.

This document is the proprietary and copyrighted property of EHL Psychiatry LLC. Any unauthorized copying or reproduction is strictly prohibited without our express permission.