In simple terms, here’s how Breakthrough protects PHI:
- Access Controls
- We offer a closed platform with login credentials to ensure messages can only be sent, received, and viewed by authorized staff.
- Minimum Amount of PHI
- Because our software does not record specific health conditions, outgoing emails do not contain health information specific to any one contact aside from workshop or appointment information. For example, we limit PHI in message content so that only the appointment date, time, location, and the name of your practice are included.
- HIPAA Training
- All team members receive routine HIPAA training
- Data Storage
- Breakthrough does not store email replies and “masks” the contact’s email address when they reply. Call or SMS records are stored within a secure platform that can only be accessed by authorized staff.
- HIPAA Business Associate Agreement
- Breakthrough has a signed Business Associate Agreement for every account, which I’ve attached here for your records. This gives your practice written assurances that Breakthrough will adequately protect PHI and limit how much information will be exchanged.
- Consent Tools
- Contacts can opt out of messaging at any time by unsubscribing to our emails or by replying STOP to any SMS message.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article