We are looking to add a new intake form to our website that would collect sensitive information from our customers, such as SSNs. Does anyone know what needs to be done to do this in a HIPAA-compliant way?
Typically, if you are going to be collecting sensitive information from your website, you are going to want to have SSL and malware monitoring for the site. SSL is Secure Sockets Layer, which is what secures the info going through the site, and the malware monitoring is to ensure no file corruption. Once the form is submitted, the email that it sends to will also need to be HIPAA compliant, I imagine, in which case you can take a look at the Office 365 email plan.
The business premium and business security are HIPAA compliant.