HIPAA and Security


Medility takes security and confidentiality of Protected Health Information(PHI) very seriously. We ensure that your data integrity is a top priority. Medility uses a set of policies and procedures to safeguard our physical and technical infrastructure to maintain compliance with the HIPAA(Health Insurance Portability and Accountability Act) Privacy Rule, Security Rule, Transactions and Code Sets Rule, and their implementing regulations.

Business Associate Addendum

PillEye uses a standard business associate addendum with AWS to protect personal information. The Business Associate Addendum(BAA) is an AWS contract that requires AWS to adequately protect PHI under HIPAA rules. The BAA also serves to clarify and limit the uses and disclosures of PHI that AWS permits.

Security assessments

Security and privacy, along with regulatory compliance are crucial to our business. We maintain an active review program to evaluate our effectiveness. Also we conduct our own assessment, including security audits and other measures. Pilleye uses trusted HIPAA compliant cloud infrastructure. All API requests are sent over the TLS 1.2 protocol, and all data is encrypted in transit and at rest. For more information, Please refer to the section 9 of privacy policy. Questions or concerns about our security or privacy program may be directed to our Privacy Officer by contacting *help@pilleye.com*