At Inphonite we take security very seriously. In fact, it’s our number one priority when we’re designing a product. Electronic Protected Health Information (ePHI) is a huge topic gracing our President’s desk regularly in the form of Business Associate Agreements and phone calls and emails with various attorneys throughout the world.
While Business Associate Agreements put in place some guidelines around PHI and ePHI, Inphonite takes it further than most companies.
When recently reviewing one such BAA, we noticed glaring errors. Upon discussion with the hospital, they stated that they have several such Agreements in place with other companies and no one had pointed out the errors previously. They were extremely grateful that we had taken the time to actually read through their BAA and not just throw it on some executive’s desk to be signed and done with.
These are legal and binding contracts. We want every single signed document to be amenable to all parties. In some instances that means that the language or Agreements are different than in others. They are not uniform amongst our customers and that’s okay with us, because we are willing to work through to get them perfect. A spelling error isn’t a big deal, until it is. If a word is changed from, “adequate” to “inadequate” the meaning is vastly changed. If a document says “for” instead of “by” we might have just changed the entire responsibility of a clause.
In addition to helping our customers with their Business Associate Agreements, we have been watching the news about the Heartbleed bug. We are pleased to announce that Inphonite and our customers have not been affected by this bug. Heartbleed is an issue with the open source SSL implementation (OpenSSL.) Inphonite does not use OpenSSL and is therefore not affected. To test a website for Heartbleed, we suggest https://filippo.io/Heartbleed