
All access to PHI is logged
in our system
Anytime PHI is accessed in our system, we log it. This ensures HIPAA compliance in the event of a breach.

All of our vendors are
HIPAA-compliant
All third-parties processing PHI have signed a BAA (Business Associate Agreement) with Great Question. We encourage customers to sign one with us, too.

Both PII & PHI is obfuscated by default
This is set by default for most user roles
and can be configured to meet the needs of your team.