HIPAA Notice
Last updated June 1, 2026
Our Commitment
drtellsyou supports healthcare organizations that are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). We design our workflows, systems, and staff training around that requirement.
Business Associate Agreements
For any engagement involving protected health information (PHI), we execute a Business Associate Agreement (BAA) with the covered entity prior to handling any PHI.
Access Controls & Audit Logging
Access to PHI is restricted to authorized personnel on a need-to-know basis, with role-based permissions and full audit logging across our platforms and workflows.
Staff Training
All staff handling PHI complete recurring HIPAA compliance training and are bound by confidentiality obligations as a condition of employment or engagement.
Incident Response
We maintain an incident response process to identify, contain, and report any suspected breach of PHI in accordance with HIPAA breach notification requirements.