Healthcare Security &
HIPAA Compliance.
Security isn't a feature—it's the foundation. On Call Practice is built from the ground up to exceed the strictest requirements for safeguarding Protected Health Information (PHI).
How we protect your practice
End-to-End Encryption
All Protected Health Information (PHI) is encrypted at rest using AES-256 and in transit via TLS 1.3.
Business Associate Agreements
We sign comprehensive BAAs with all our covered entity clients and our downstream infrastructure providers.
Access Controls & Audit Logs
Strict Role-Based Access Control (RBAC) and immutable audit logs that track every API request and data access event.
Secure Infrastructure
Our platform is hosted on dedicated, HIPAA-compliant infrastructure with routine vulnerability scanning and SOC 2 Type II attestation.
Need our BAA?
If you are an active customer and need to review or sign our Business Associate Agreement, please contact your dedicated account manager or email our compliance team.