Privacy & Security Center

Our Security Commitment

At HiBoop, we understand the sensitive nature of mental health data and communications. That's why we've implemented a comprehensive security framework designed to protect your information at every level:

Data Protection

Protecting your data is our top priority. We employ multiple layers of protection to ensure your information remains secure:

• Data Encryption: All sensitive information is encrypted using industry-leading algorithms both in transit and at rest.
• Secure Data Storage: Data is stored in secure, redundant systems with multiple layers of protection.
• Data Access Controls: Strict policies determine who can access what data and under which circumstances.
• Data Minimization: We only collect the data necessary to provide our services and comply with regulations.
• Regular Backups: Automated, encrypted backups ensure data can be recovered in case of emergencies.

Safeguarding Measures

Our comprehensive safeguarding approach protects both systems and data:

• Multi-Factor Authentication: Additional verification steps prevent unauthorized account access.
• Intrusion Detection: Advanced systems monitor for and block suspicious activities in real-time.
• Vulnerability Management: Regular scanning and patching to address security vulnerabilities.
• Penetration Testing: Regular security assessments to identify and address potential weaknesses.
• Security Training: Ongoing education for all staff on security best practices and threat awareness.

Information Assurance

We ensure the integrity, availability, and authenticity of all information through:

• Data Integrity Checks: Verifications to ensure information hasn't been altered improperly.
• System Redundancy: Multiple systems ensure service availability even during technical issues.
• Disaster Recovery: Comprehensive plans to quickly restore services after any disruption.
• Authentication Protocols: Strict verification to ensure users are who they claim to be.
• Security Auditing: Regular reviews of system logs and access records to detect anomalies.

Confidentiality Commitment

We maintain strict confidentiality for all personal and health information:

• Privacy by Design: Privacy and confidentiality considerations are built into our systems from the start.
• Staff Training: All team members receive extensive training on handling sensitive information.
• Need-to-Know Access: Information access is strictly limited to those who require it for their job functions.
• Secure Communication: All exchanges of sensitive information occur through encrypted channels.
• Data De-identification: Where possible, we separate identifying information from health data.

HIPAA Compliance

As a platform dealing with protected health information (PHI), HiBoop is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA):

• Administrative Safeguards: Comprehensive policies and procedures governing PHI access, risk analysis, contingency planning, and regular security assessments.
• Physical Safeguards: Controls for facility access, workstation security, and device handling to protect physical systems containing PHI.
• Technical Safeguards: Encryption, access controls, audit controls, integrity controls, and transmission security for all electronic PHI.
• Business Associate Agreements: Ensuring all third-party services with access to PHI maintain HIPAA compliance through legally binding agreements.

Additional Compliance Frameworks

Our Security Certifications