HIPAA Compliance

Main things that need to be done to gain HIPAA compliance

1. SSL Security - Purchase and install SSL certificate so that site is accessible only through https
2. Audit Logging - So that any access to the system is tracked, and alterations are recorded with the old and new values
3. User Security - Users should be assigned accounts so that there are no group logins that are used to access the system.

Link

* HIPPA Security Compliance Document