Book doctors, shop health and beauty products, and access trusted health content — in 110 languages. All in one place.

Your cart

Your cart is empty

Continue shopping

HIPAA Compliance Statement

Effective Date: 23/05/2025

This HIPAA Compliance Statement is for informational purposes only and does not constitute legal advice. CliniciansCheck continually updates its policies in line with changes in applicable law and best practices.

At CliniciansCheck, we are steadfast in our commitment to safeguarding the privacy and security of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its subsequent amendments, including the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Our Commitment

We have implemented a comprehensive HIPAA Compliance Program that encompasses:

Administrative Safeguards: Development and enforcement of policies and procedures to manage the selection, implementation, and maintenance of security measures that protect PHI. This also includes workforce oversight to ensure responsible handling of sensitive health data.

Physical Safeguards: Implementation of physical security controls, including facility access measures and hardware protections, to prevent unauthorized access to electronic systems and infrastructure.

Technical Safeguards: Utilization of secure technologies, including access controls, user authentication protocols, and encrypted data storage and transmission, to protect ePHI from unauthorized access and disclosure.

Workforce Training and Management

All members of our workforce receive mandatory HIPAA compliance training. We enforce disciplinary actions for any violations of our internal privacy and security policies.

Business Associate Agreements

All third-party service providers who may access PHI are required to sign Business Associate Agreements (BAAs), obligating them to uphold HIPAA standards for security and confidentiality.

Data Protection Measures

Our platform implements industry-leading security protocols to protect PHI, including:

  • Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit.

  • User Authentication: Multi-factor authentication and strict access controls.

  • Security Audits: Regular internal and external audits of our systems.

PHI is retained only for the duration required by law and securely destroyed once no longer needed, in full compliance with HIPAA data lifecycle requirements.

Breach Notification Protocol

In the event of a data breach involving unsecured PHI, we follow strict notification procedures as required under HIPAA, including notifying affected individuals, the U.S. Department of Health and Human Services (HHS), and, where applicable, the media.

Access and Amendment Rights

Patients have the right to access their PHI and to request amendments if they believe their records are incomplete or inaccurate. CliniciansCheck has efficient procedures in place to facilitate these requests in a HIPAA-compliant manner.

Minimum Necessary Standard

CliniciansCheck adheres to the HIPAA Minimum Necessary Standard, ensuring that access to PHI is strictly limited to the minimum information necessary to accomplish the intended purpose.

Contact Information

Privacy Officer

CliniciansCheck

Email: operationsteam@clinicianscheck.com

By implementing these safeguards and protocols, CliniciansCheck ensures compliance with HIPAA while maintaining the trust and confidence of our users and partners worldwide.