HIPAA Compliance

Our Core HIPAA Principles

Luminello maintains ongoing compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA) and can process, maintain, and store protected health information for any entities restricted by these regulations.

Signing a BAA with Luminello

Luminello will sign a business associate agreement (BAA) with your organization. Just contact us to get the ball rolling.

Can you sign our BAA, or make changes to the Luminello BAA upon request?

Unfortunately, we’re not able to have unique agreements with customers. We believe our BAA accurately covers the scope of our relationship, and for legal reasons, we cannot make adjustments to our BAAs.

What’s involved in HIPAA compliance?

We complete annual risk assessments and employee training as required by HIPAA. Additionally, we’ve gone to great lengths to ensure that data is properly secured and encrypted.

Where is Luminello customer data hosted?

Luminello is hosted on Amazon Web Services (AWS), a highly scalable cloud computing platform with end-to-end security and privacy features built in.

What sort of application security is in place?

All Luminello web application communications are encrypted and cannot be viewed by a third party.

Who has access to our Luminello account?

Luminello employees who have undergone HIPAA training can access customer accounts for the sole purpose of lending a hand. We don’t access customer accounts unless we’re explicitly asked for help.

Are we able to export our data if we decide to leave one day?

Chart notes (in PDFs), practice roster, and financials (both via CSV) can be exported. Coming soon, calendar entries will be exportable.

Does Luminello have a policy that identifies and determines controls regarding the proper use of workstations to support access and protection of ePHI?

All production data is in a VPC (virtual private cloud). Internal access is firewalled and users must be authenticated on the VPN to access any part of our system.

Do you have a security policy to help ensure the confidentiality, integrity, and availability of ePHI? Do you have a SOC2/3 report?

For documentation regarding how data is stored and protected when in use and at rest, refer to the Luminello Security Policy. For SOC2/3 reports, refer to AWS Cloud Security.

Does Luminello have a security control policy (locked doors, surveillance cameras, alarms) to prevent theft of ePHI?

For documentation regarding physical location security, facility maintenance, and access control, refer to this white paper: Amazon Web Services: Security Overview.

Do you have procedures for terminating access to systems containing ePHI when a team member is no longer employed at Luminello?

End-of-employment processes are in place. VPN access is disabled, AWS and administrator access keys are terminated, and all access to PHI is revoked. Upon termination, employees are required to destroy remaining local data and return the hardware to Luminello.

Have you taken steps to protect the organization from malicious software, including the application of security patches?

Per internal IT policy, we only upgrade instances to stable release versions. We apply all security patches when released.

Have passwords been implemented that are unique to a user and comply with best practice components including password length, complexity, and duration?

We follow all NIST password guidelines for login-based systems: https://pages.nist.gov/800-63-3/sp800-63b.html

