HIPAA Compliance

At Insider, we take the privacy and security of your sensitive information seriously. As part of our commitment to safeguarding your data, we adhere to the Health Insurance Portability and Accountability Act (HIPAA) and have implemented comprehensive measures to ensure compliance.

Our Commitment to HIPAA Compliance

1. Administrative Safeguards:

We have established and maintained policies and procedures to manage the selection, development, implementation, and maintenance of security measures.
Our security and legal teams oversee HIPAA compliance, conduct regular risk assessments, and ensure ongoing employee training on privacy and security practices.

2. Physical Safeguards:

Insider services and data are hosted in Amazon Web Services (AWS) facilities (eu-west 1) in Ireland. Access to data centers is strictly limited to authorized personnel with verified biometric identity. AWS data centers are physically protected by security guards, video monitoring, and other on-premise security measures.
We employ safeguards to protect against environmental hazards or unauthorized intrusion.

3. Technical Safeguards:

State-of-the-art encryption protocols are utilized to protect electronic health information during transmission and storage.
Regularly updated firewalls, anti-virus software, and access controls are in place to secure our information systems.

4. Organizational Requirements:

All employees undergo thorough background checks and sign confidentiality agreements.
We have designated Information Security, Risk, and Compliance Teams responsible for overseeing policies, conducting audits, and responding to any incidents.

Business Associate Agreement (BAA)

To further demonstrate our commitment to protecting your data, Insider is pleased to offer a Business Associate Agreement (BAA) upon request. This agreement outlines the responsibilities and safeguards in place when handling your protected health information (PHI).

Our BAA includes, but is not limited to:

Clearly defined roles and responsibilities for both parties.
Safeguards to prevent the unauthorized use or disclosure of PHI.
Procedures for reporting and responding to security incidents.
Measures for ensuring the confidentiality, integrity, and availability of PHI.
Obligations for the return or destruction of PHI at the end of the business relationship.

Requesting a Business Associate Agreement

If you require a Business Associate Agreement or have any questions regarding our HIPAA compliance practices, please contact privacy@useinsider.com

Insider is dedicated to maintaining the highest standards of privacy and security, and we appreciate the trust you place in us. We are committed to evolving our practices to meet the ever-changing landscape of healthcare information security.

Cookie	Duration	Description
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".

Cookie	Duration	Description
__hssc	30 minutes	This cookie is set by HubSpot. The purpose of the cookie is to keep track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
bcookie	11 months	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	This cookie is set by LinkedIn and used for routing.

Cookie	Duration	Description
__hstc	11 months	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	1 year	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_UA-81205217-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gcl_au	3 months	This cookie is used by Google Analytics to understand user interaction with the website.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
hubspotutk	11 months	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
bscookie	11 months	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
fr	3 months	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	11 months	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-others	1 year	No description
ins-c	1 day	No description
ins-storage-version	1 year	No description
insdrPushCookieStatus	1 day	This cookie is set by the provider Insider. This cookie is used for web push recieving.
RUL	1 year	No description
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.