HIPAA Statement
Health Insurance Portability and Accountability Act (HIPAA) Compliance Statement

As a healthcare provider, Healthport is committed to compliance with the requirements of the Health Insurance Portability and Accountability Act (HIPAA).

These regulations pertain to the security, electronic data interchange and confidentiality of Patient health information. As a part of its overall quality system Healthport has established a formal, written program for HIPAA compliance and to ensure that the "Chain of Trust" is maintained between Healthport and its Patients. This program undergoes regular audits to confirm that the organization meets or exceeds all applicable compliance standards and their associated deadlines.

To meet the requirements for Patient data security and privacy Healthport employs such systems and techniques as:

  • Advanced firewall security
  • Fully alarmed physical perimeter security
  • Sophisticated data encryption algorithms
  • Password protected system access
  • Restricted visitor access
  • Virtual Private Networks (VPN)
  • Intrusion detection systems

    These mechanisms undergo routine evaluation and upgrade as technologies related to security and privacy improve.

    As it applies to our products, Healthport ProNatal, Healthport has will take steps to meet and far exceed standards for privacy and security. In particular, the Server is placed inside a network firewall, using 128-bit RSA public-key authentication and 128-bit Advanced Encryption Standard (AES) data encryption to insure data security and privacy in transit to Healthport. In addition, Healthport constantly monitors security/virus issues for potential security risks and can provide prompt updates and Patient notification to address any such issues.

    Shell Access -- Healthport Technical Staff
    The server can be managed using the UNIX command prompt. The command prompt can only be reached using the shell client with the SSH Transport Layer Protocol. This protocol provides between 128-bit and 256-bit encryption for all data communications and is one of the most complicated algorithms available. As an additional precaution, the login must be from a trusted computer that is kept as a short list of static IP addresses.

    Remote Database Access -- Healthport Technical Staff
    It is necessary to connect to the Healthport database from a remote database server to maintain the database and execute off-site backups of the data. The connection to this database uses the same SSH protocol as the shell access but connects on a separate port and access is managed via a separate "short list" of computers that are allowed to connect.

    Encrypted Data
    In the unlikely event that the machine is accessed by an unauthorized individual, all Patient data is stored in a secure folder on the server. In addition, the format of the data is a proprietary, binary file which using a proprietary encryption method.

    In addition, the technical team constantly monitors the system logs for attempted attacks, unauthorized programs, and services. The physical location of the server at Healthport means that the server can be physically removed from the Internet if there is an attack on the system which cannot be immediately resolved.

    Healthport provides the above information to demonstrate its intent and commitment to compliance with the HIPAA regulations. If you would like more information on Healthport HIPAA compliance efforts, please contact the HIPAA Compliance Officer at (800) 327-7953, or via email at