Personnel Onboarding: HIPAA

  • Updated

If you would like to contact your personnel directly, rather than using Vanta's automated reminders to complete the security tasks you have created for them, you can leverage our templates to get you started.

Personnel Onboarding: HIPAA

Subject: [Important] HIPAA compliance readiness and Vanta onboarding

Hi Team! 

 As you all know, we are working to become HIPAA compliant.

We are pursuing HIPAA compliance to ensure the security of our customer's data and in addition to their ePHI (Electronic Protected Health Information). Many customers even have specific teams that need to validate the security of the software they purchase. Becoming HIPAA-compliant instills trust with customers regarding our data protection practices and in turn, expedites our sales cycles.

 To prepare for this audit, we've been working with a SaaS company, Vanta, to help us become and stay HIPAA compliant. As part of the audit process, we need you to be onboarded onto Vanta. This is an investment of time to ensure we all follow consistent security practices and a seamless audit.

Please complete the following steps

  • Go to https://app.vanta.com/onboarding
  • Read and accept our security policies 
  • Install the Vanta Agent on your company machine (e.g. laptop). With limited access, the app can only read info that is set on your machine. It ensures:
    • A password manager is installed
    • The hard disk is encrypted
    • The operating system is up-to-date
  • Complete security awareness training
    • The online training should take 8 mins to complete, from start to finish and will automatically track your completion (important to not click out of the video or you may have to start over) 
    • NOTE: You will need to take additional HIPAA compliance training so please keep an eye out for details on that as well!

To help us stay on track with our goal & timeline, we’d need all employees to complete their required steps by [ENTER DATE HERE]. If you have any questions, please do not hesitate to contact me.