What makes DocbookMD HIPAA secure?

DocbookMD ensures that all standards of HIPAA and HITECH security are followed. We enable our users to be HIPAA-compliant while communicating with their colleagues through our secure messaging application.

All messages are sent and stored on our high-grade encryption servers. Messages are never stored in the permanent memory of your mobile device. If your phone or tablet is lost or stolen, simply notify us, so that we may deactivate your account, ensuring that your messages remain confidential.

Additionally, all DocbookMD users are required to sign a HIPAA business associates agreement (BAA) upon registration, outlining our data protection and the responsibilities of all parties, to keep patient information classified.

In layman's terms -

When you send a normal text message, it creates four minimum points of failure where ePHI could be leaked. When a text message is sent, that message is stored on your unsecured mobile device, then it's stored with your mobile carrier, then it's stored with the recipient's mobile carrier, and then on the recipient's unsecured mobile device. This is not HIPAA compliant.

HIPAA compliance is about secure storage and who has authorized access to that secure storage.

When you send a message through DocbookMD, none of the messages are stored on your mobile device. They're all stored on our encrypted servers, and the DocbookMD application gives you secure access to those messages stored on our encrypted servers. The only information that's stored on your mobile device is the app itself. Whenever you send a photo with DocbookMD, we recommend that you please take a photo with the app (instead of using your mobile device's camera). This ensures that the photo is not stored on your phone and is only stored on our encrypted servers. We also offer a FileShare integration, so you can attach your secure files to DocbookMD messages.

To maintain the highest level of security, we recommend that you enable a PIN lock in your mobile device settings, and also enable a PIN lock within DocbookMD. If your mobile device is stolen or misplaced, they will need to get past those two PIN locks to get to your patient data. If you notify us that your device was misplaced, we can also disable your account.

DocbookMD Web - The url for our website login is https://webapp.docbookmd.com/#/login. As you can see, our website is "https" instead of "http." This let's you know that the website is encrypted and secure. You may also view this wiki page that discusses the technicalities of http vs https in detail.

To read more about DocbookMD and HIPAA compliance, please visit our website:

Mobile Messaging & HIPAA Compliance

Healthcare Security

Still need help? Contact Us Contact Us