Secure Forms

While IntakeQ does its best to secure your clients' information, if the customer does not properly use the software, confidential medical information may be disclosed, violating HIPAA. Complete HIPAA compliance requires both users and software to work together.

For example, if a user discloses his or her password or login information to a third party, it may allow a user to bypass our security measures.

IntakeQ recommends all customers to do the following:

• Administrators must delete the user accounts of assistants and practitioners who no longer work within their organization.
• Never disclose passwords to anyone, including someone claiming to be from IntakeQ.
• Logout immediately when walking away from the computer.
• Do not share login with another person. It is critical that each person access IntakeQ using their own username and password.
• Do not write down a password anywhere.
• Make sure that the URL clearly displays both https and IntakeQ's domain name regularly used when logging in. We cannot be held liable for organizations or individuals impersonating IntakeQ.
• Never share access to e-mail accounts that are associated with your IntakeQ account.
• Change your password regularly; at least every 90 days.
• Apply these same security recommendations to the email account you use to access IntakeQ.
• Use a different password for each website you create an account on. A password manager can help you with that.
• Do not disclose PHI on emails or SMS messages sent through IntakeQ without the patient's consent.
• When sending an intake form to members of the same family, avoid sending them all to the same email, unless there is no privacy issues with the email owner accessing the form of the other family members.
• We strongly recommend the use of 2-Step authentication.

By following these recommendations, you are drastically reducing the odds of data breaches in your IntakeQ account.