Enterprise-Grade Security & Compliance

Protecting sensitive client information is our top priority. Evalpals is built from the ground up with HIPAA compliance and security best practices.

HIPAA Compliant PlatformBusiness Associate Agreements available upon request

HIPAA Compliance

Evalpals maintains full HIPAA compliance for all protected health information. Our policies and procedures are designed to meet the requirements of the HIPAA Privacy and Security Rules.

  • Administrative safeguards in place
  • Physical safeguards for data access
  • Technical safeguards for data protection
  • Business Associate Agreements available

Data Encryption

All data is encrypted both in transit and at rest using industry-standard encryption protocols.

  • TLS 1.2+ for data in transit
  • AES-256 encryption for data at rest
  • Encrypted document storage
  • Secure key management

Secure Infrastructure

Our platform is hosted on enterprise-grade cloud infrastructure with comprehensive security controls.

  • Cloud hosting with security certifications
  • Regular security audits
  • Redundant data backups
  • 24/7 infrastructure monitoring

Access Controls

Strict access controls ensure that only authorized users can access sensitive information.

  • Role-based access control (RBAC)
  • Multi-factor authentication
  • Session management
  • Audit logging

LCSW Privacy Compliance

Every LCSW in our network is trained and committed to protecting client confidentiality.

HIPAA Training

All LCSWs in our network complete HIPAA training and demonstrate understanding of privacy requirements.

Confidentiality Agreements

Every LCSW signs confidentiality agreements and adheres to strict privacy protocols.

Supervision & Audit

Ongoing oversight ensures continued compliance with privacy and security requirements.

Data Handling Practices

Data Collection

We collect only the information necessary to provide evaluation services. All data collection is performed with appropriate consent and in compliance with applicable regulations.

Data Retention

Evaluation records are retained in accordance with professional licensing requirements and HIPAA guidelines. Secure deletion procedures are followed when retention periods expire.

Data Access

Access to client information is strictly limited to authorized personnel with a legitimate need. All access is logged and regularly audited.

Incident Response

We maintain incident response procedures to address any potential security events promptly and in compliance with breach notification requirements.

Security Questions?

If you have questions about our security practices or need a Business Associate Agreement, our team is here to help.

Contact Our Security Team

Ready to Get Started?

Join hundreds of attorneys who trust Evalpals for their psychological evaluation needs.

Join Early Access
Join Early Access