Protection for yourself and your patients or clients
It’s your duty to ensure that information is secure.
To ensure maximum security of patient/client personal health & financial information, we have gone above and beyond standard government mandated security measures.
Plant-Based Docs is compliant with US Health Insurance Portability and Accountability Act (HIPAA) regulations. That includes the Privacy, Security, & Breach Notification Rules and the Administrative & Physical Safeguards.
Certified by the DEA to support Electronic Prescribing for Controlled Substances (EPCS).
Our payment processor is certified as Payment Card Industry (PCI ) Service Provider Level 1, the highest possible level.
The General Data Protection Regulation (GDPR) is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions.
Our infrastructure protects data in compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA).
Our servers are housed in facilities that are protected by biometric security, surveillance systems, and security guards – 24 hours a day, 7 days a week, 365 days a year.
We store data at SOC Type 1- and SOC Type 2-certified facilities.
We have a disaster recovery plan in place, including redundant power supplies and data backup.
Our website data is encrypted with 256-bit Secure Socket Layer (SSL) technology, whether you’re on a desktop, laptop, tablet, or phone. We use cryptographic keys to authenticate data transfer.
We process credit card transactions using secure encryption on a Level 1 PCI-compliant network. We tokenize and encrypt all payment information, and we do not store it ourselves.
System wide audit logs track and record all access to records and document all communications, with both patients and referring providers. This includes SSH logs, SQL query logs, platform backend activity logs, and Apache logs.