Zoho Desk HIPAA Compliance Guide
Introduction
The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also provides certain rights to individuals. Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes. However, Zoho Desk provides certain features (as described below) to help its customers use Zoho Desk in a HIPAA compliant manner.
HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with its Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com.
Product Specific Features
To ensure the security of you and your customers’ information, you can take the following actions in your Zoho Desk:
- Mark ePHI fields to distinguish their data
- Encrypt data entered into ePHI designated fields
- Administer roles and permissions to secure data
- Export audit trail to monitor operational activities
Marking ePHI Fields
You can mark a field as ePHI if it contains the health information of your customers or patients. This will add the ePHI label beside the field on the agent's interface and the help center. Also Read
To mark fields that contain personal health data:
- Go to Setup > Customization > Layout and Fields.
- Select a module and department to view their layouts.
- Select the desired layout to edit it.
- Go to the desired field and click the Gear icon.
- Click Edit Properties and check the Mark as ePHI box.
Note: Marking the field as ePHI will automatically turn on the Encrypt field option. Nevertheless, you can turn it OFF manually (not recommended). - Click Update and save the layout.
Encrypting ePHI Field Data
Fields that contain personal health information can be encrypted for additional security. Though encryption is not a mandatory step, it is the best practice to prevent unauthorized access to confidential data. Read this article here to learn more about encrypting fields in your help desk.
Administering Roles and Permissions
Exporting Audit Trial
Data audits help you secure your system and monitor for unexpected changes or usage trends. Zoho Desk will store the audit logs—that is, information about every addition, update, and deletion made to your database records—in the backend for a duration of up to 1 year. This audit log can only be shared with the user upon request. Alternately, you can export module-wise data periodically using the Export Data option under Setup.
Related Articles
Why Zoho Desk?
On-demand & Web-Based Zoho Desk, an on-demand, web-based help desk software allows your agents to engage with customers and deliver satisfaction in the fastest and easiest way. And because it's all on the cloud, lesser the cost of installation and ...
Highrise for Zoho Desk
View customer details and deals from Highrise in Zoho Desk. Manage contacts, deals, and activities between Highrise and Zoho Desk. Add new customers and deals to Highrise from Zoho Desk. This integration makes it easy to understand customer's details ...
Zendesk Sell for Zoho Desk
The Zendesk Sell for Zoho Desk extension makes it easy for you to know your customers' details so that you can better prioritize and manage tickets in Zoho Desk. It lets you manage contacts, deals, and tasks between these applications. You can view ...
GoToWebinar for Zoho Desk
Webinars help give product demos and make a great tool for customer support. The GoToWebinar extension for Zoho Desk helps support agents explain their product efficiently through webinars, allowing them to resolve support tickets faster. With this ...
What is Zoho Desk?
Help Desk Management Software For Your Business Zoho Desk is web-based help desk software that gives you the ability to manage your customer support activities efficiently. Zoho Desk allows you to assign, track and set up alerts on help desk tickets ...