Author: kimberly b

How Clocktree safeguards your data

Clocktree was designed specifically for healthcare providers, with privacy and security of client data being a vital foundation of our platform.

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law passed in 1996 which requires secure handling of an individual’s health information (PHI). The Health Information Technology for Economic and Clinical Health (HITECH) Act, passed in 2009 and revised in 2013, provides a national standard for health information technology and strengthened the privacy and security protections spelled out in the original HIPAA laws. This act extends HIPAA security obligations to business associates. If you are a healthcare provider who uses Clocktree to manage client data, Clocktree is considered a business associate. Clocktree will extend a Business Associate Agreement (BAA), with your practice as the covered entity.

In accordance with HIPAA and HITECH laws, we have implemented the following physical, technical and administrative safeguards to ensure privacy and security of your clients’ data.

  1. All data is encrypted in transit and at rest
  2. HTTPS and AES 256 bit encryption**
  3. Servers include automatic data backup
  4. Every user has their own username and password with no support for shared logins
  5. Accounts are automatically logged out after 30 minutes of inactivity
  6. Infrastructure is behind a firewall and accessible by limited Clocktree staff
  7. Clocktree staff have undergone HIPAA compliance training and certification
  8. Clocktree has Business Associate Agreements in place with all 3rd party providers
  9. Unless permission is granted, no PHI is included in communications outside the Clocktree platform
  10. Restricted Clocktree staff access to PHI
  11. On site HIPAA Compliance Officer
  12. BAA available to all registered Clocktree practices

We take client privacy and security seriously at Clocktree and do everything we can to ensure HIPAA compliance. Please check with your legal counsel if you have specific questions regarding your practice’s compliance with HIPAA regulations.

**Some technical implementation details may change in the future.

Lawmakers push to extend flexible telehealth guidelines beyond the stay-at-home period

Lawmakers push to extend flexible telehealth guidelines beyond the stay-at-home period

A bi-partisan coalition of 32 US House members are asking in a May 21 letter to Congressional leadership that ongoing emergency efforts to relax telehealth regulations during the COVID-19 pandemic be continued for an additional period of time. They are asking for time to collect data and determine which of these flexibilities should remain in place permanently.

“Telehealth is proving to be an extremely successful approach in ensuring that patients are receiving mental health and addiction care during this trying and unprecedented time, and we applaud the Centers for Medicare and Medicaid Services (CMS) for expanding behavioral telehealth flexibilities, and ultimately increasing access to these essential services,” the letter states. “In particular, we are grateful that CMS is providing broader coverage of behavioral telehealth services, which has helped expand access to many individuals in rural and medically underserved areas, and allowed individuals to receive these services in their home.”

The order would be included in the next COVID-19 relief bill, the lawmakers said.