HIPAA and PHI Compliance

The UberID infrastructure is HIPAA and PHI compliant.

• All data in flight (transmission) between the user and the services are encrypted.
• All data retained within the database (at rest) is encrypted.
• All data is stored in secure, HIPAA compliant data centers within the USA. Each data center is manned and data backups are continuous and encrypted.
• All events that take place within the UberID infrastructure are logged and retained for statutory, compliance, quality and audit purposes in accordance with HIPAA requirements.
• UberID maintains Administrative Safeguards by way of policies and supporting procedures to ensure that only those individuals that are absolutely required to access information when on-boarding Member data (as may be requested by any Member) are authorized to do so. Training is provided to staff dealing with managed and protected health information. UberID provides a process to ensure that data is anonymized such that it fully protects the identity of the Member or related users at all times.