Big News: FounderDating is joining OneVest to build the largest community for entrepreneurs. Details here
Latest Notifications
You have no recent recommendations.
Name
Title
 
MiniBio
FOLLOW
Title
 Followers
FOLLOW TOPIC

Question goes here

1,300 Followers

  • Name
    Entrepreneur
  • Name
    Entrepreneur
  • Name
    Entrepreneur
  • Name
    Entrepreneur
  • Name
    Entrepreneur
  • Name
    Entrepreneur
  • Name
    Entrepreneur
  • Name
    Entrepreneur

What is one of the best HIPAA secure CRM software applications?

We ar ea healthcare company that handles PHI (Personal Health Information) and we need to be HIPAA secure. We have an EHR and our own software that will be hosted in a HIPAA secure server, etc. But we are looking for a good cloud hosted (inexpensive) CRM for screening new potential participants before getting them officially into the EHR system once they sign up. Would love your thoughts...

4 Replies

Karl Schulmeisters
0
0
Karl Schulmeisters Entrepreneur
CTO ClearRoadmap
Take a look at Dynamics on Azure. Azure has a section that is HIPAA compliant (frankly that's why we opted for Azure as our platform - and you might consider that for your server environment as well in the future). Essentially MSFT simply requires a "Business Agreement" around the PHI to be stored and then your components are stored in the HIPAA compliant portions of Azure

http://download.microsoft.com/download/8/4/8/8483B6A9-1865-4D17-B6F1-5B66D5C29B10/Windows%20Azure%20HIPAA%20Implementation%20Guidance.pdf
Rob Mitchell
0
0
Rob Mitchell Entrepreneur
Senior Java Software Engineer at Direct Commerce
For our needs, we simply have our application encrypt/decrypt on the fly so that all PII is encrypted at rest on the disk. So if if a malicious person were to steal a snapshot of the entire database, it'd be useless without the encryption key - which is not available to be read on any file system.
Gaurav Garg
0
0
Gaurav Garg Entrepreneur
Vice President
Tribridge has customized Microsoft Dynamics for healthcare use cases. My team worked with Tribridge to implement their solution in a East coast based healthcare provider.

Let me know if you need help, I will be happy to make an introduction.
Gaurav
Karl Schulmeisters
3
0
Karl Schulmeisters Entrepreneur
CTO ClearRoadmap
Rob - that sounds fine for DAR (Data At Rest) but that doesn't address:


  1. Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit;
  2. Identify and protect against reasonably anticipated threats to the security or integrity of the information;
  3. Protect against reasonably anticipated, impermissible uses or disclosures; and
  4. Ensure compliance by their workforce.
    http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html


Because it doesn't speak to

  • how you encrypt or decrypt inbound/outbound traffic (DIM Data In Motion)
  • how you insure data integrity during usage (IE App security and runtime anti malware practices)
  • scope of data visibility to various workforce members (think Snowden)
  • security policies of accounts that have access to the unencrypted data
  • training methods of the users with authorized access.


Gaurav - that's good to know - we might need that in the future

Join FounderDating to participate in the discussion
Nothing gets posted to LinkedIn and your information will not be shared.

Just a few more details please.

DO: Start a discussion, share a resource, or ask a question related to entrepreneurship.
DON'T: Post about prohibited topics such as recruiting, cofounder wanted, check out my product
or feedback on the FD site (you can send this to us directly info@founderdating.com).
See the Community Code of Conduct for more details.

Title

Give your question or discussion topic a great title, make it catchy and succinct.

Details

Make sure what you're about to say is specific and relevant - you'll get better responses.

Topics

Tag your discussion so you get more relevant responses.

Question goes here

1,300 Followers

  • Name
    Details
  • Name
    Details
  • Name
    Details
  • Name
    Details
  • Name
    Details
  • Name
    Details
  • Name
    Details
  • Name
    Details
Know someone who should answer this question? Enter their email below
Stay current and follow these discussion topics?