Acuity Scheduling, a HIPAA-compliant appointment scheduling solution, provides secure handling of Protected Health Information (PHI) through its Powerhouse plan. Here's what you need to know about making your Acuity account HIPAA compliant:

Setting Up HIPAA Compliance

1. Upgrade to the Powerhouse plan
2. Navigate to Customize Appearance
3. Click Appointment Booking Page Options
4. Sign the Business Associate Agreement (BAA)

Key Security Features

• Encrypted PHI handling
• Restricted file uploads from local devices only
• No client form responses in email notifications
• Limited calendar sync capabilities
• Disabled integrations with non-HIPAA compliant services

Your HIPAA Responsibilities

• Configure appropriate security settings
• Manage PHI in emails and text notifications
• Review third-party integrations for compliance
• Maintain proper business practices
• Implement necessary security controls

Additional Security Measures

• Email notifications exclude sensitive information
• Client form responses are protected
• Package balance checks require direct login
• Calendar syncing restricted to compliant services
• Text message opt-out available

Third-Party Integration Management

Before connecting any third-party services:

• Verify HIPAA compliance
• Establish necessary agreements
• Adjust security settings
• Review data sharing practices
• Document compliance measures

Accessing Your BAA

1. Go to Customize Appearance
2. Select Scheduling Page Options
3. Click "View and Download Your Signed BAA"
4. Download PDF if needed

Remember: HIPAA compliance requires more than just enabling features. You must actively manage your account settings and business practices to maintain compliance.

Related Articles

Previous Articles