Increase efficiency and easily scale telehealth operations across state lines.
Retain more patients with a modern healthcare experience that keeps them engaged.
Increase efficiency across your company and easily scale telehealth operations across state lines
Deliver exceptional telehealth and better clinical outcomes so you retain more patients
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Leo, id curabitur nullam sed quis amet. Morbi eget cras dolor
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Leo, id curabitur nullam sed quis amet. Morbi eget cras dolor
Built for behavioral health, leverage workflow automations that reduce manual work.
Engage and connect with patients through video, messaging, and content.
Standardize data, measure business outcomes, and scale telehealth operations quickly.
HIPAA/PHIPA compliant telehealth platform with 256-bit encryption.
An end-to-end telehealth operations software designed for behavioral health.
Discover the latest in telehealth from case studies, eBooks, and media.
Patients and providers access expert technical support, training materials, and documentation.
Integrate OnCall into your existing infrastructure to maximize interoperability.
We’re leading the way in enabling healthcare companies to be virtual-first.
Join our team.
Drive brand awareness, grow revenue, and enhance the continuum of care.
Increase efficiency and easily scale telehealth operations across state lines.
Retain more patients with a modern healthcare experience that keeps them engaged.
Increase efficiency across your company and easily scale telehealth operations across state lines
Deliver exceptional telehealth and better clinical outcomes so you retain more patients
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Leo, id curabitur nullam sed quis amet. Morbi eget cras dolor
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Leo, id curabitur nullam sed quis amet. Morbi eget cras dolor
Built for behavioral health, leverage workflow automations that reduce manual work.
Engage and connect with patients through video, messaging, and content.
Standardize data, measure business outcomes, and scale telehealth operations quickly.
HIPAA/PHIPA compliant telehealth platform with 256-bit encryption.
An end-to-end telehealth operations software designed for behavioral health.
Discover the latest in telehealth from case studies, eBooks, and media.
Patients and providers access expert technical support, training materials, and documentation.
Integrate OnCall into your existing infrastructure to maximize interoperability.
We’re leading the way in enabling healthcare companies to be virtual-first.
Join our team.
Drive brand awareness, grow revenue, and enhance the continuum of care.
Increase efficiency and easily scale telehealth operations across state lines.
Retain more patients with a modern healthcare experience that keeps them engaged.
Increase efficiency across your company and easily scale telehealth operations across state lines
Deliver exceptional telehealth and better clinical outcomes so you retain more patients
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Leo, id curabitur nullam sed quis amet. Morbi eget cras dolor
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Leo, id curabitur nullam sed quis amet. Morbi eget cras dolor
Built for behavioral health, leverage workflow automations that reduce manual work.
Engage and connect with patients through video, messaging, and content.
Standardize data, measure business outcomes, and scale telehealth operations quickly.
HIPAA/PHIPA compliant telehealth platform with 256-bit encryption.
An end-to-end telehealth operations software designed for behavioral health.
Discover the latest in telehealth from case studies, eBooks, and media.
Patients and providers access expert technical support, training materials, and documentation.
Integrate OnCall into your existing infrastructure to maximize interoperability.
We’re leading the way in enabling healthcare companies to be virtual-first.
Join our team.
Drive brand awareness, grow revenue, and enhance the continuum of care.
November 16, 2021
HIPAA and PHIPA compliance are major features of OnCall Health. Our platform uses a variety of technical processes (including end-to-end encryption, which you can read about here) for this purpose.
When building an integration, it’s important that you take steps to avoid exposing protected health information (PHI) in non-compliant ways while extracting it through our public application programming interface (API).
Keep reading for some best practices.
Never place your organization’s private key directly in source code. Instead, use environment variables.
See here for an example on how you might form an API request to retrieve appointments from OnCall Health using environment variables. Only users capable of accessing environment variables would be able to see your private key. This is much easier and more practical to control.
While environment variables are very useful, you may still occasionally need to share your organization’s private key with colleagues.
You can maintain healthcare compliance by ensuring this exchange happens over a secure means of communication (i.e. OnCall Health’s instant messaging feature). Some password management tools also claim HIPAA and PHIPA compliance for the purpose of sharing credentials that grant access to protected healthcare information (PHI).
Before using your OnCall Health private key, ensure the platform you’re entering it on is HIPAA compliant. Many workflow automation tools (i.e. Zapier) do not claim HIPAA or PHIPA compliance and consequently aren’t suitable places to store your OnCall Health private key.
If you suspect your OnCall Health private key has been exposed on a non-HIPAA or PHIPA compliant platform, contact your Customer Success Manager immediately. They can verify a new private key for you and loop in our technical team to check OnCall Health’s logs and determine whether any PHI was accessed.
You should never transfer PHI from OnCall Health to applications that do not explicitly claim HIPAA compliance (which includes Google Suite applications unless specific precautions are taken). Rather, our API is intended to facilitate integrations between OnCall Health and healthcare compliant applications such as electronic medical record (EMR) and electronic health record (EHR) systems.
HIPAA and PHIPA compliance are not static. They need to be maintained through regular third-party audits. Ensure each software vendor you integrate with OnCall Health maintains compliance.