HIPAA Compliance

How SafeMind protects your protected health information (PHI).

SafeMind is committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations. As a platform that facilitates relationships between patients and licensed mental health professionals, we treat the privacy and security of your protected health information (PHI) with the highest priority.

What Is HIPAA?

HIPAA is a U.S. federal law that establishes national standards for the protection of sensitive patient health information. It applies to covered entities and their business associates that create, receive, maintain, or transmit PHI. For more information, visit the official HHS HIPAA resource center .

Our Safeguards

Encryption in transit (TLS 1.2+)
Encryption at rest
Role-based access controls
Business Associate Agreements
Minimum necessary access
Regular security audits

Administrative Safeguards

  • Designated Privacy Officer responsible for HIPAA policy and training.
  • Staff training on HIPAA rules and the handling of protected health information.
  • Documented policies for data access, breach notification, and incident response.
  • Business Associate Agreements (BAAs) in place with all third-party service providers handling PHI.

Physical Safeguards

  • Data hosted in HIPAA-eligible cloud infrastructure with physical access controls.
  • Workstation and device management policies for staff.

Technical Safeguards

  • All data transmitted over the network is encrypted using TLS 1.2 or higher.
  • Data stored in the platform is encrypted at rest.
  • Unique user identification and automatic log-off for inactive sessions.
  • Audit logs for access to PHI retained in accordance with HIPAA requirements.

Breach Notification

In the event of a breach of unsecured PHI, SafeMind will notify affected individuals in accordance with the HIPAA Breach Notification Rule — within 60 days of discovery of the breach.

Your Rights Under HIPAA

  • Right to access and receive a copy of your health information.
  • Right to request corrections to your health information.
  • Right to an accounting of disclosures of your PHI.
  • Right to request restrictions on certain uses and disclosures.

Official Resources

Questions?

For HIPAA-related questions or to exercise your rights, please contact us.