Anyone who’s worked at a hospital or doctor’s office knows how important it is to be HIPAA compliant. My husband is a nurse, and he’s had HIPAA compliance drilled into him from day one. Because HIPAA is such an important issue for the healthcare industry, it’s essential to know whether your electronic signature vendor is HIPAA compliant.
But not all electronic signature vendors fit the bill. Industry experts recommend that health care providers use a specific type of electronic signature: digital signatures. (Not sure what the difference is? Check out this article to find out).
Digital signatures give you the best in document security, including:
But not all electronic signature vendors are secure enough to be considered HIPAA compliant. Many vendors fail to use identity authentication technologies to verify who is signing a document. Others fail to lock down the document against changes, or lack the required security controls to protect patient confidentiality.
And most frightening of all? Many electronic signature vendors require that they store a copy of your documents on their servers even if you download a copy for yourself.
Let me ask you a question: How many copies of your patients’ personally identifiable health information do you want stored on a third-party vendor’s cloud? I hope the answer to that question is, “None!”
SIGNiX is the only vendor on the market that embeds the legal evidence you’d need to prove a signature happened into the document. That means we don’t have to store your documents on our servers, and that's a huge relief to healthcare companies looking to be HIPAA compliant.
With that said, it’s important to keep in mind that compliance isn’t just about which vendor you choose. It’s also about the policies you establish for how your employees will interact with the electronic signature software. If you don’t address these issues internally, even the most secure digital signature service won’t give you a fully compliant solution. You should consult with your compliance expert to create an electronic signature policy for your company before implementing any electronic signature service.