DocuGen offers optional compliance with Health Insurance Portability and Accountability Act (HIPAA) to customers who expect to generate documents containing personal health information (PHI). Please read the information below and submit your HIPAA compliance request using the form at the bottom.
Our services are designed to be compliant with the HIPAA rules and standards, including secure encryption of customer information that may contain health information at rest, in transit, and during processing (such as while generating a document).
We have data protection policies, including regular employee training, which guide our team in how to keep protected data secure.
In addition, we maintain Business Associate Agreements (BAA) with our subcontractors and sub-processors who may handle on our behalf customer information containing PHI, including our hosting provider (AWS) and our email provider (Google.) For subcontractors and sub-processors who are unable to offer HIPAA compliance or a BAA, we make sure not to process any PHI through them.
If you wish to opt-in DocuGen’s HIPAA compliance, you must be on an Enterprise plan (1,000 monthly documents or above). Free, Basic, and Standard Plans don’t qualify for HIPAA compliance.
In addition, you must have a BAA in place with monday.com. Because DocuGen runs on top of monday.com and uses monday.com APIs to access your data (potentially including PHI), our BAA is not valid unless your monday.com BAA is active and valid at all times.
In order to sign up to DocuGen’s HIPAA compliance, please fill out this form.
As part of your opt-in, you will be requested to do the following:
Got more questions? Feel free to reach us at support@docugen.io