DocuWare Achieves HIPAA and SOC 2 Compliance

Mobile Study Majority of Healthcare Institutions Risk HIPAA Non-ComplianceMHW learned Friday that DocuWare — a global leader in the ECM market — has now achieved HIPAA compliance and a SOC 2, Type 1 certification.

This is in addition to its renewed ISO/IEC 27001:2015 certification for information security received this past summer, an emailed statement reads.

“DocuWare received its SOC 2, Type 1 certification from the American Institute of Certified Public Accountants (AICPA) for meeting the security and availability standards established by its Service Organization Controls (SOC),” the statement adds. “The SOC 2 Report focuses on five trust principles: security, availability, processing integrity, confidentiality, and privacy for service organizations such as Cloud Software providers. To achieve the certification, an organization must meet the security principle plus one of the other principles.”

Furthermore, while no official organization provides a HIPAA compliant certification, DocuWare put strict procedures in place. The U.S. HIPAA law regulates the use and disclosure of an individual’s health information in any format, also known as Protected Health Information (PHI).

DocuWare is subject to HIPAA because it is a Business Associate of its healthcare clients. It trained all employees on HIPAA policies and assigned an official in-house Privacy Officer and Security Officer.

To learn more about DocuWare, click here.

This post was written by:

- who has written 371 posts on mHealthWatch.

Contact the author