HIPAA Compliant Platform

HIPAA Compliance

Therapair is committed to protecting your protected health information (PHI) in full compliance with the Health Insurance Portability and Accountability Act (HIPAA).

Our Commitment to HIPAA Compliance

As a platform that handles sensitive mental health information, Therapair is fully committed to maintaining the highest standards of data protection and privacy. We understand that trust is fundamental to mental health care, and we take our responsibility to protect your information seriously.

Security Safeguards

Administrative Safeguards

  • Designated Privacy and Security Officers
  • Comprehensive workforce training programs
  • Access management and authorization procedures
  • Incident response and breach notification plans
  • Regular security assessments and evaluations

Physical Safeguards

  • Secure data center facilities
  • Controlled access to workstations and devices
  • Secure disposal of electronic media
  • Workstation use restrictions and policies
  • Device and media controls

Technical Safeguards

  • End-to-end encryption (AES-256)
  • Multi-factor authentication
  • Comprehensive audit logging
  • Access controls and user authentication
  • Data integrity and transmission security

Business Associates

  • All vendors sign Business Associate Agreements
  • Regular compliance monitoring
  • HIPAA-compliant data processing
  • Secure data transmission protocols
  • Breach notification requirements

Data Protection Measures

Encryption Standards

  • Data at Rest: AES-256 encryption for all stored data
  • Data in Transit: TLS 1.3 for all data transmission
  • Database Security: Encrypted database fields for PHI
  • Backup Security: Encrypted backups with secure key management

Access Controls

  • Multi-Factor Authentication: Required for all user accounts
  • Role-Based Access: Different access levels for different users
  • Session Management: Automatic logout after inactivity
  • Audit Logging: Complete audit trail of all data access

Your Privacy Rights

Under HIPAA, you have specific rights regarding your protected health information. We are committed to honoring these rights:

Right to Access

You have the right to request and receive copies of your health information that we maintain.

Right to Amend

You can request corrections to your health information if you believe it is incorrect.

Right to Restrict

You can request restrictions on how we use or disclose your health information.

Right to Complain

You have the right to file a complaint if you believe your privacy rights have been violated.

Breach Notification

In the unlikely event of a data breach involving your protected health information, we are committed to:

Immediate Response

Contain and assess the breach within 24 hours of discovery

Individual Notification

Notify affected individuals within 60 days of discovery

HHS Notification

Report to the Department of Health and Human Services within 60 days

Questions About HIPAA Compliance?

If you have questions about our HIPAA compliance practices or your privacy rights, please use our contact form.

Last Updated: October 28, 2025

This HIPAA compliance statement is reviewed and updated regularly to ensure accuracy and completeness.