HIPAA requires that websites maintained by a covered entity display the agency's privacy notice (45 CFR 1164.520). Most home health, home care, and physical therapy websites are out of compliance with this rule. The simple fix is to upload your privacy notice to your website right now. We can do this for you on a time-fee basis which will usually amount to less than $69. How to get your website HIPAA-compliant right now:

  1. Submit an hourly work agreement.

    • In the comments section, note that you want us to put your privacy notice on your website.
    • If Brazzell hosts your website, proceed to step two. If Brazzell does not host your website, provide us with the access information to your website in the comments as well. This will consist of three (and definitely not less than three) things: a web address, a username, and a password. 
    • Please note that time spent working with clients to get access to their website is billable time. 
  2. Send us your privacy notice. You can use the contact form at BrazzellMarketng.com. 

Please note that Brazzell Marketing Agency does not and will not provide a boilerplate privacy notice. We recommend that you use the same notice you provide to new patients in print. 


Encryption and Protected Health Information

Another frequent but less prevalent HIPAA violation in home health websites is unencrypted referral forms. If your website does not ask for patient information such as Medicare numbers, birth dates, and Social Security numbers, this consideration does not apply to you. However, if your website does prompt users to provide HIPAA-protected health information, HIPAA requires that the webpage, information storage, and information retrieval be encrypted. Aside from HIPAA compliance, this is also a standard of online behavior for customer security. You can tell if your referral form is encrypted by going to the page of your website and looking in the address bar / multibar of your browser. If the site is encrypted, you will see a padlock symbol in the address bar. You can click the lock icon for more information.

Encryption means that software on your website hosting server scrambles data enroute between a user's computer and the website, and unscrambles that data at each end. This helps prevent data theft. We recommend purchasing encryption through your website hosting company. If your website is hosted with Brazzell, HIPAA compliant encryption is available for an additional $55 per year.