Are Jottful websites HIPAA compliant?

Yes, Jottful websites — except for Jottful contact forms — are HIPAA compliant.

However, you will need to make sure any other software you use in conjunction with your website is also HIPAA compliant. This may include form software, as well as any software your patients can access for booking appointments or viewing their health information.

What HIPAA-compliant websites should include

1. Back up (learn about Jottful's back up frequency)
2. Security 
   1. Jottful data is stored on Amazon AWS servers (learn about AWS's commitment to HIPAA)
   2. Jottful passwords are encrypted using bcrypt with a work factor of 12
3. GDPR/CCPA compliance (learn how to activate a GDPR/CCPA cookie banner on Jottful)
4. ADA compliance (learn how Jottful strives to make all websites accessible for ADA compliance)
5. Audit capability (changes made using Jottful's Magical Editor are logged [who, what, and when]; you may request a copy of this log at any time)
6. A Privacy Policy (contact us to add a page for your Privacy Policy).