HIPAA Compliance & Security

HIPAA Compliance

As a practitioner, you deal with sensitive patient information and privacy concerns on a daily basis. We too have the same legal responsibility to protect and secure the data we collect on Fullscript under the HIPAA and HITECH legislations.

Our entire team is trained on their responsibility to follow our internal policies in implementing HIPAA Compliance. We’ve implemented several technical safeguards to protect Electronic Protected Health Information and other pertinent data on Fulllscript. This includes SSL encryption, secure data handling, data redaction, destruction policies and personal identification procedures for releasing data. As we grow, we continuously evolve our internal policies and review our security implementation.

If you have questions, please feel free to contact us and our HIPAA Officer will gladly field your questions, concerns and complaints.

SSL Security

Your Fullscript account uses a 128-bit SSL certificate to keep your information secure – the same level of encryption used by large banks around the world. You and your patient’s information are private and secure.

Level 1 PCI Certified

Your patient’s credit card information is stored on Level 1 PCI certified servers. You can rest easy knowing your patient data is secure. Since we can safely store your patient’s credit cards, it gives your patients the convenience of easy refills.

Business Associate Agreements

We initiate a BAA with each of our partners, even if PHI is not being shared. Additionally, Fullscript will issue a BAA with any clinic or practitioner that requests one.