Hello!
I have read all of the articles about HIPAA compliance. My question is - if we create a Squarespace website on the normal Business plan, do not collect any patient information via Squarespace forms, or use their emails, only add a link to a 3rd party, HIPAA complaint appointment scheduler form, are we HIPAA compliant?
We work with a separate company for emails, scheduling, etc. that is HIPAA compliant. If patient information is not being collected by Squarespace, but a link to where patient information is collected is on the site, does it need to be HIPAA complaint? I have tried to ask this question but keep getting "yeah I think that should be okay" answers. Is there anyone out there who can tell me definitively?
Thank you!
Danielle