HIPAA & Privacy Compliance

Built for regulated healthcare environments and hospital procurement review.

HIPAA Alignment

Operates as a Business Associate where applicable
Business Associate Agreements available upon request
Processes PHI solely to deliver contracted healthcare services
No PHI collected from the public or patients via the website
No sale or marketing use of PHI

Safeguards & Controls

Technical

Encryption in transit (SSL/TLS)
Encryption at rest
Role-based access controls
Audit logging and monitoring

Administrative

Workforce access controls
Vendor risk oversight
Security policies and procedures
Incident response processes

Physical

Secure cloud infrastructure
Controlled system access

Data Use & Retention

Data is used only to support clinical operations, notifications, and reporting. Retention aligns with healthcare regulations, contractual requirements, and legal obligations. Data is securely deleted or de-identified when no longer required.

Procurement & Compliance Support

StrokePages supports hospital legal, IT security, and compliance teams during vendor review, contracting, audits, and accreditation preparation.

Request Compliance Documentation