Educators and health care providers operate under strict privacy laws. All of the combined regulations have been considered with every aspect of what we do in collaboration with school districts. EHS has taken steps to insure compliance with all privacy laws.
The delivery of sensitive documents with personal identifying information is executed utilizing Data Security Assurances.
1) United States Post Office
2) Encrypted (Secure Socket Layer (SSL) form submission
3) Encrypted Secure Sockets Layer (SSL) email
4) Encrypted Secure Socket Layer (SSL) upload
United States Post Office:
Most reliable and safe. Cost prohibitive and slow for large files. All original signed orders will be sent using this method.
The Formplus website is secured with industry-standard technologies and the Secure Sockets Layer (SSL) protocol is used on all Formplus forms. SSL is the standard security technology for establishing an encrypted link between a web server and a browser.
We use Barracuda, the gold standard for privacy protection. According to the 2018 COSN K-12 IT Leadership Survey Report, cybersecurity is now a top K-12 IT priority, along with broadband and network capacity. At the same time, 68 percent rated the privacy and security of student data as more important than the prior year. Certificate
Dropbox supports HIPAA and HITECH Act compliance. This, and all other methods of exchanging information, is only as good as infrastructure and process being implemented. EHS is committed to student and patient privacy. All aspects for handling sensitive information has been considered.
Fax transmission of protected information remains to be the standard. Quality and dependability have been the inherent problems. While we can utilize fax as an option for transmitting private information, there are better options preferred.
New Hampshire Department of Education:
EHS has roots in providing medical services to patients, and has been a long time participant in protecting sensitive information. Education standards are similar to health care as it relates to privacy and security of student data. EHS meets or exceeds the requirements established in RSA Section 193-C:11,193-E:5 and 189:67 where applicable to third party services.
New Hampshire Student Privacy Agreement (NHSPA)
EHS is compliant with the standards of the following (where applicable):
- The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99)
- Health Insurance Portability and Accountability Act
- Health Information Technology for Economic and Clinical Health Act
- 32 CFR Part 2002 "Controlled Unclassified Information" (CUI)