top of page


HIPAA & HITRUST Compliant Website(s) powered by CMS Tools from WordPress

Providing medical services opens a host of unique responsibilities and liabilities. This includes adhering to the Health Insurance Portability and Accountability Act (HIPAA). The HIPAA Security Rule enforces special requirements for collecting protected health information (PHI). When these medical services are provided through a website, it is required that the confidentiality and integrity of the electronic PHI (ePHI) is protected by implementing safeguards such as full encryption of data in transit and at rest.

Project Hosts provides highly secure and compliant websites and CMS (Content Management System) platforms that are both HIPAA and HITRUST compliant in our HITRUST certified security envelop. When we deploy CMS platforms on our turn-key compliant Micrsoft Azure environment, we implement and manage all of the controls required for full application-level HIPAA and HITRUST compliance. This allows healthcare organizations to use their websites as service platforms and process personal identification information (PII) and ePHI in a secure and compliant fashion.


HIPAA requires that safeguards are in place, while HITRUST takes it a step further and identifies the best safeguards to ensure privacy protection.

If your organization needs a website with full application-level HIPAA and HITRUST compliance, we have what you need. Unlike tradtional website providers, who take no responsibility nor liability for phi and pii related content, we implement and manage all of the scanning, patching, log correlation, intrusion detection, incident response and other security services, ensuring HIPAA and HITRUST compliance and  allowing you to keep your focus on great content development, leaving compliance to us.

HIPAA & HITRUST Compliant Website Features

HIPAA and HITRUST Compliant Website Servcies includes:

  • Full Application-Level HIPAA and HITRUST Compliance

  • Multisite Support

  • Separate Test and Production Environments

  • Disaster Recovery Resources and Tests

  • Daily Backups

  • Integrated Incident Response System

  • Intrusion Prevention

  • Log Inspection

  • 99.9% Availability Guarantee

  • Multi-factor Authentication for Admins

  • Encryption of Data at Rest and in Transit

  • Plug-in Support Based on a Pre-Approved List

  • We provide DNS name and SSL certificate (You are able to bring your own)

  • 24×7 Security, Support and Monitoring

  • Business Associate Agreement (BAA)

bottom of page