Platform Compliance
Medximity and DigitalPatientChart are built with HIPAA compliance as a foundation:
- Encryption — All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
- Access controls — Role-based access ensures staff only see what they need.
- Audit trails — Every access and modification to patient records is logged.
- Business Associate Agreement — Medximity executes a BAA with every provider practice.
- Breach notification — Procedures are in place to notify affected parties within 60 days as required by law.
Your Responsibilities
As a covered entity, you are responsible for:
- Training staff on HIPAA policies and procedures.
- Implementing appropriate physical safeguards in your office.
- Managing user access — deactivating accounts when staff leave.
- Reporting suspected breaches to Medximity and your patients.
- Maintaining your own Notice of Privacy Practices.
Review our Privacy Policy HIPAA section and Terms and Conditions for the full scope of our obligations and yours.