CareCom’s Commitment to Security

CareCom, LLC (CareCom) contracted with Sword & Shield Enterprise Security, Inc. for assistance in helping us to create a highly secure and compliant Web-based solution for the RightTrack Rehab application and web site ( ). CareCom understands the importance of protecting a patient’s electronic protected health information (ePHI) and is focused is on maintaining the domain in a highly secure and compliant manner.

A key element to establishing and maintaining a HIPAA compliant for CareCom was to locate a suitable cloud provider which understands the compliance requirements for ePHI and is in fact HIPAA compliant. Sword and Shield worked with CareCom and assisted CareCom in selecting and establishing a partnership between CareCom and Firehost. CareCom’s site in now in production within the Firehost Secure Cloud. Firehost is widely known for their secure cloud environment within the industry and protects ePHI for many of the largest healthcare providers in the country.

Sword & Shield has verified that all connectivity between the web site and the family member, staff and physicians using this application is contained within an Secure Sockets Layer (SSL) encrypted connection. The transmission of sensitive ePHI is secured by the use of SSL certificates issued by trusted third parties that specialize in providing the certificates required for SSL encrypted connections.

Sword & Shield has also verified that CareCom has developed the required Notice of Privacy Practices relevant to those entities that maintain PHI.

The notice describes the ways in which CareCom uses and discloses PHI.