Note: DohShield likely does not process PHI, but this compliance statement applies to potential crossover with medical stores.
🏥 HIPAA Compliance Statement
DohShield does not directly handle protected health information (PHI). If integrated into environments where PHI is present (e.g., pharmacy POS systems), we follow HIPAA-aligned safeguards, but ultimate responsibility for HIPAA compliance rests with the client.
🔒 PHI Protection
In the event that DohShield systems come into contact with protected health information through integrated environments, we maintain appropriate safeguards to protect such data according to industry standards.
Security Measures: All data processing follows enterprise-grade encryption and access control protocols to ensure PHI protection when applicable.
📋 Client Responsibility
Clients operating in healthcare environments are responsible for ensuring their own HIPAA compliance, including proper handling of PHI and maintaining appropriate business associate agreements where required.
Important: Healthcare clients must ensure all surveillance and monitoring activities comply with HIPAA requirements and obtain proper patient consent where necessary.
🤝 Business Associate Agreements
Where DohShield services may involve access to PHI, appropriate business associate agreements can be established to ensure compliance with HIPAA requirements and protect patient privacy.
🛡️ Data Minimization
DohShield employs data minimization practices, focusing only on transaction and security data necessary for theft prevention. We do not actively seek or store medical information unless specifically required for legitimate security purposes.