This article covers the HIPAA Compliant Add On available for Thryv Business Center™ accounts, including what HIPAA compliance means, who needs it, how Thryv Business Center maintains compliance, what you receive when you purchase the add on, and what is expected of you as a Thryv user. This article applies to Thryv Business Center users in healthcare and healthcare-adjacent industries. This article does not cover electronic health records (EHR), electronic medical records (EMR), or medical billing and coding Thryv Business Center is not an EHR or EMR platform.

Why HIPAA compliance matters for your healthcare business

If your business handles patient or client health information  including scheduling, communications, or any data that could identify a patient  federal law requires that information to be handled in a HIPAA-compliant way. Running your business on software that is not HIPAA compliant puts your patients' data at risk and exposes your business to significant legal liability. The Thryv Business Center HIPAA Compliant Add On secures your account in accordance with HIPAA privacy guidelines, so you can manage your client relationships and run your business in one place without compromising the confidentiality of patient health information.

What is HIPAA

HIPAA stands for the Health Insurance Portability and Accountability Act. HIPAA is a set of federal rules and practices that govern how medical information  including medical records and other identifiable health information Must be safeguarded. The goals of HIPAA are to protect the privacy, integrity, confidentiality, and availability of health data for patients and clients.

Who is required to be HIPAA compliant

HIPAA compliance is required for healthcare providers that conduct financial and administrative processes electronically. This includes dentists, nursing homes, chiropractors, psychologists, and testing laboratories. HIPAA also applies to businesses that support healthcare companies, such as accountants and lawyers who handle protected health information on behalf of healthcare clients.

How Thryv Business Center maintains HIPAA compliance

When you purchase the HIPAA Compliant Add On, Thryv Business Center maintains compliance through the following measures:

• All account access is monitored with proper oversight and audit trails to track who accessed what information and when.
• Website forms are upgraded to safeguard the transmission of patient and client data submitted through your Thryv Business Center website.
• Backend platform enhancements are applied to your account to meet HIPAA security requirements.
• A careful review of the entire Thryv Business Center platform and all integration partners is conducted to confirm compliance across connected tools.
• Ongoing compliance reviews are performed to ensure your account continues to meet HIPAA requirements over time.
• An exclusive team of HIPAA Trained Specialists supports all HIPAA Compliant Thryv Business Center accounts. Only HIPAA Trained Specialists are permitted to access HIPAA Compliant accounts standard support agents cannot access your account.

What you receive when you purchase the HIPAA Compliant Add On

When you purchase the HIPAA Compliant Add On, Thryv will send an automated email to your account with a Business Associate Agreement, also known as a BAA. The BAA is also accessible inside your Thryv Business Center account under My Account once the add on has been purchased. The BAA is a legal document that details the agreement between your business and Thryv, specifying that both parties agree to the liability and satisfy HIPAA agreements and bond of liability. By signing the BAA, both your business and Thryv commit to maintaining HIPAA compliant practices.

What is expected of you as a HIPAA Compliant Thryv Business Center user

Thryv Business Center will maintain consistent HIPAA compliant practices on the platform side. However, HIPAA compliance is a shared responsibility. As a Thryv Business Center user with the HIPAA Compliant Add On, you are also expected to adhere to HIPAA compliant behaviors in how you handle, store, and communicate your patients' and clients' protected health information (PHI) within Thryv Business Center. Failure to follow HIPAA compliant practices on your end does not transfer liability to Thryv.

How to add HIPAA compliance to your Thryv Business Center account

The HIPAA Compliant Add On is available for $29.00 per month. To add HIPAA compliance to your Thryv Business Center account, contact your Thryv Business Advisor. Your Business Advisor can add the HIPAA Compliant Add On to your account at any time.

Limitations and frequently asked questions

Does Thryv Business Center include EHR or EMR functionality?

No. Thryv Business Center is not an Electronic Health Records (EHR) or Electronic Medical Records (EMR) platform. Thryv Business Center does not support the storage or retrieval of medical records, and does not include medical billing or medical coding functionality. The HIPAA Compliant Add On is designed to protect the confidentiality and security of patient protected health information (PHI) that is transferred, communicated, or stored in the course of relationship management activities  such as scheduling, messaging, and client communications  undertaken within Thryv Business Center.

Does Thryv's HIPAA compliance extend to third-party software connected to my account?

No. Thryv Business Center's HIPAA compliance applies only to your Thryv Business Center account. If your business uses third-party software alongside Thryv Business Center and that software also handles protected health information, you must confirm that the third-party software offers its own HIPAA compliant option. Thryv's HIPAA compliance does not extend to any software outside of Thryv Business Center.