home clipboard-list hand academic-cap magnifying-glass menu close chevron-down Referral Staff Cases Clients Community facebook linkedin instagram pinterest twitter vimeo youtube

HIPAA, COPPA, and FERPA Compliance Statement 

HIPAA, COPPA, and FERPA Compliance Statement 

We take very seriously our responsibility to protect student, family, and user privacy in our student support and case management software, data storage and management systems, web-based services, and internal policies to regulate access. We are fully compliant with the Family Education Rights and Policy Act  (FERPA), the more stringent, Health Information Privacy and Protection Act (HIPAA), and the Children’s Online Privacy Protection Act (COPPA).  At the simplest level, it means we will NEVER disclose student personal information to any unauthorized parties.
Technically, the student records in our program are not health records but because clinicians may also use our software, we have added extra levels of confidentiality protection.  These include: 

Protections within the software 

  • Providing users with password protection 
  • Requiring individual logins, passwords, and one-time PIN codes to access our systems 
  • Limiting user access by employing granular access permissions that prevent oversharing of information 
  • Heavily encrypting all data when stored and during transport  

 

Where is the data stored? 

All data is stored within the US A HIPAA and FERPA-compliant environment. 

 

Physical data storage and backups:  

  • ECINS Corp is a US-registered company operating within the jurisdiction of US law and is fully compliant with the Privacy Protection Act, HIPAA and FERPA.
  • ECINS Corp services are securely hosted in a US data center.
  • All data is stored and backed up within our own secure US based servers.

Datacenter complies with recognized security standards:  

  • ECINS Corp data center has the following accreditations: HIPAA/HITECH Type 2, SOC 1 Type 2, SOC 2 Type 2

Encryption to protect data at rest:  

  • ECINS Corp employ a field level encryption on the ECINS databases in addition to all data being stored on our Self Encrypting Drives (SED). The algorithm used is AES-256 which is the same level of encryption used for anything protected up to Top Secret.

 Privacy protections 

Information Security

Accreditations

  • ECINS Corp is independently ISO 27001 accredited for the Design and Development of software and for the hosting and processing of multi-agency data.
  • ECINS complies with COPPA, HIPAA, FERPA, and US legislation such as the Privacy Protection Act (1980).

Information Security Policy

  • ECINS Corp operates a comprehensive Information Security Document Set aligned to a superset of the ISO 9001 & 27001 accreditations and HIPPA assurance.

Annual penetration testing is carried out on the service

  • ECINS Corp uses approved companies for the penetration testing of its IT systems to identify potential vulnerabilities and recommend effective security countermeasures. The companies we use are approved companies to carry out penetration testing of public sector bodies’ IT systems.

 

Authorization to access student data will never be granted for commercial use of any kind.

 

HIPAA Compliance

For more information please contact: 

ATTN: HIPAA Officer
3300 Dallas Parkway
Office #2023
Plano, TX 75093 

Tel: +1(214) 949-8134
E-mail: support@ecins.com 

Welcome!

To get the best experience,
please choose your region: