top of page

Privacy & Security

PatientToc HIPAA Compliance Information

Under the Health Insurance Portability and Accountability Act (HIPAA), Patienttoc is defined as a “business associate,” which is an individual or entity that is not a member of the “covered entity’s” (i.e., the healthcare provider’s) workforce.  In this capacity, Patienttoc is subject to and committed to all applicable HIPAA privacy and security requirements.

PatientToc clients can download and utilize the PatientToc survey app on their Android tablet or PC software and access it on PatientToc’s instance of Engyte, a HIPAA-compliant cloud storage service.


Privacy and security procedures


  • PHI is secured through password protection on AWS and Egnyte and can only be accessed on Engyte by authorized users within the healthcare practice per terms of the subscription or contract

  • PHI is firewall-protected and monitored regularly

  • PHI transferred between PatientToc tablet app, and its server is protected using industry-standard 256-bit AES encryption keys and the web-based documentation platform, by SSL

  • The Patienttoc Survey app is configured to use AES 256-bit encryption algorithm at rest

  • PatientToc has BAAs with AWS and Engyte as its third-party providers, confirming their compliance with HIPAA standards


If you have any questions about privacy and security procedures with the Patienttoc platform or survey app, please contact us by email at



Winter 2023

bottom of page