Healthie is a HIPAA Compliant Software for Nutrition & Wellness
Your Information is Always Safe
Healthie incorporates industry-leading measures to secure the information of you and your clients.
Healthie is compliant with US Health Insurance Portability and Accountability Act (HIPAA) regulations. That includes the Privacy, Security, & Breach Notification Rules and the Administrative & Physical Safeguards.
Healthie’s infrastructure protects data in compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA).
Healthie’s payment processor is certified as Payment Card Industry (PCI) Service Provider Level 1, the highest possible level.
The General Data Protection Regulation (GDPR) is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions.
We Maintain the Highest Levels of HIPAA Compliant Security and Privacy
Our servers are housed in facilities that are protected by biometric security, surveillance systems, and security guards - 24 hours a day, 7 days a week, 365 days a year.
We have a disaster recovery plan in place, including redundant power supplies and data backup.
We store data at SOC Type 1- and SOC Type 2-certified facilities.
Our website data is encrypted with 256-bit Secure Socket Layer (SSL) technology, whether you’re on a desktop, laptop, tablet, or phone. We use cryptographic keys to authenticate data transfer.
We use standard transactional codes (CPT, ICD-10) that are based on up-to-date databases and monitored for updates. We monitor state & federal HIPAA rules to ensure compliance is current.
We process credit card transactions using secure encryption on a Level 1 PCI-compliant network. We tokenize and encrypt all payment information, and we do not store it ourselves.
We offer granular organization-level permissions, to control data access. Healthie employees are trained on security protocols, and we have a company Privacy Officer.
We are regularly audited by third party penetration testers to ensure compliance meets standards. We also run tests on our own software: we scan our ports, test for SQL injection, and block cross-site scripting.
Why HIPAA, PIPEDA, and PCI-compliance Is Important for Your Business
Your business and client information is confidential, we ensure it stays that way.
“We are so pleased to share this unique tool with our shoppers to allow them to safely and conveniently connect with a member of the dietitian team to address any number of their needs, from education on a diabetes eating pattern to recipe suggestions with basic pantry staples.”