HIPAA requirements are triggered when a software product maintains patient identifiable information. For this reason, your use of Insightcentr would likely be covered by HIPAA, because some applications' window titles may have a patient's name or similar small but identifiable detail. It would be possible to take advantage of our privacy configurations and controls to restrict what is captured and measured, to prevent this requirement altogether while using Insightcentr . However, this may limit the utility of the solution to you.

Secure network transmission

HIPAA requires that all transmission of data between your business or our software be encrypted. Insightcentr meets this requirement.

Physical security

The service must be hosted in an access limited and monitored facility. Insightcentr meets this requirement by maintaining all resources in Microsoft's Azure data center

Access control

Operational access to the service must be secured for authorized use only and be auditable. Insightcentr meets this requirement.

Safe practices and policies

The service should maintain disaster recovery plans and offsite backups. Insightcentr meets this requirement, primarily by leveraging features of Microsoft Azure's service.

The HITECH supplement requires us to report intrusion or security events that effect customers' data. Specifically, the requirement is that if customer data resides in storage unencrypted (for example, a backup), even in a secured environment, that the service provider (us) must notify all and any customers whose data could have been vulnerable as the result of an intrusion event or other security violation. Insightcentr guarantees its customers that it will alert any and all customers possibly affected by a security defect or hacking event.

The service should maintain disaster recovery plans and offsite backups. Insightcentr meets this requirement, primarily by leveraging features of Microsoft Azure's service.