HIPAA Compliance
How MindSpace meets and exceeds HIPAA requirements to protect your protected health information (PHI).
HIPAA Compliant Platform
MindSpace is designed and operated to meet all HIPAA Security and Privacy Rule requirements
- 100% HIPAA Compliant
- AES-256 Encryption Standard
- 24/7 Security Monitoring
HIPAA Security Safeguards
Our implementation of the three categories of HIPAA security safeguards required to protect electronic PHI.
Administrative Safeguards
Policies and procedures to manage the conduct of workforce members
- Designated Security Officer responsible for HIPAA compliance
- Workforce training on privacy and security requirements
- Information access management and user authentication
- Regular security assessments and audits
Physical Safeguards
Physical measures to protect electronic systems and equipment
- Secure data centers with access controls and monitoring
- Workstation security and device controls
- Media controls for handling and disposal of data
- Environmental controls and facility access restrictions
Technical Safeguards
Technology controls to protect and control access to information
- End-to-end encryption for all data transmission
- User authentication and access controls
- Audit logs and activity monitoring
- Data integrity and secure backup systems
Security Features
Technical and administrative controls that ensure your data remains secure and private.
Data Encryption
All data encrypted in transit and at rest using AES-256 encryption
Access Controls
Role-based access with multi-factor authentication requirements
Audit Logging
Comprehensive logging of all system access and data interactions
Security Monitoring
24/7 monitoring for security threats and unauthorized access
Your Rights Under HIPAA
Right to Access
You have the right to view and obtain copies of your protected health information
- Request access to your chat history and assessment results
- Receive copies of your data in a timely manner
- Access information in the format you prefer when possible
Right to Correction
You may request corrections to your protected health information
- Request amendments to incorrect or incomplete information
- Provide supporting documentation for requested changes
- Receive written response to your correction request
Right to Restriction
You may request restrictions on how your information is used or disclosed
- Request limits on who can access your information
- Restrict certain uses or disclosures of your data
- Request communication through specific methods only
Right to Deletion
You have the right to request deletion of your protected health information
- Request complete deletion of your account and data
- Receive confirmation of data deletion within 30 days
- Understand any legal limitations on data deletion
HIPAA Privacy Officer
For questions about your privacy rights or to file a complaint
MindSpace Privacy Officer
privacy@mindspace.app
You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights about our privacy practices.