Privacy-Conscious Technology for Healthcare Websites
Healthcare organizations operate in an increasingly complex regulatory environment. From HIPAA and patient privacy to accessibility standards and evolving state privacy laws, maintaining a healthcare website requires more than simply publishing content.
Remedy CMS is designed specifically for healthcare organizations and provides a secure, enterprise-managed platform that supports privacy-conscious website operations while allowing each organization to determine its own legal and compliance requirements.
While we provide secure hosting, technical implementation, and platform management, Remedy CMS does not provide legal or regulatory compliance advice. Decisions regarding privacy policies, consent management, third-party technologies, and regulatory obligations should always be made by your organization's legal and compliance professionals.
Our Role
Remedy CMS provides:
- Secure website hosting
- Enterprise website management
- Technical implementation
- Platform security updates
- Website monitoring
- Backup and disaster recovery
- Accessibility-conscious development
- Technical SEO
- Performance optimization
When requested, we also implement technical solutions specified by our clients or their legal and compliance advisors, including:
- Cookie consent platforms
- Consent management integrations
- Third-party script configuration
- Analytics implementation
- Privacy policy updates
- Accessibility improvements
Your Organization's Role
Healthcare organizations remain responsible for determining their own legal and regulatory obligations, including:
- HIPAA compliance
- State privacy law compliance
- Privacy policies
- Cookie consent requirements
- Data retention policies
- Business Associate Agreement (BAA) requirements
- Third-party vendor selection
- Patient consent requirements
Remedy CMS implements technical solutions but does not determine what your organization is legally required to implement.
HIPAA & Protected Health Information (PHI)
The Remedy CMS platform is designed so that Protected Health Information (PHI) should not be collected, transmitted, or stored directly within the CMS.
When healthcare organizations require secure collection of patient information, Remedy CMS integrates approved third-party solutions that are owned and managed by the healthcare organization or its designated vendors.
Examples may include:
- Appointment scheduling platforms
- Secure patient forms
- Patient portals
- Electronic Medical Record (EMR) integrations
- Other HIPAA-compliant services selected by the Practice
This separation helps reduce unnecessary exposure of PHI within the public-facing website.
Website Cookies
Remedy CMS itself uses only a minimal number of cookies required for secure website operation.
These cookies are considered Necessary Cookies for proper functionality and are not used for advertising, marketing, behavioral profiling, or cross-site tracking.
| Cookie | Category |
Purpose |
|---|---|---|
| laravel_session | Strictly Necessary |
Maintains secure website sessions and core website functionality. |
| XSRF-TOKEN | Strictly Necessary |
Protects website forms against Cross-Site Request Forgery (CSRF) attacks. |
edz_ov_setX |
Functional |
Remembers when a visitor has dismissed or interacted with a website pop-up, banner, or overlay so it displays according to the website's configured behavior and avoids repeatedly showing the same message during future visits or sessions. |
These cookies support website functionality and security only.
Note: The edz_ov_setX cookie name includes a unique identifier (X) corresponding to a specific website popup, banner, or overlay. Websites utilizing multiple overlays may set multiple edz_ov_setX cookies. These cookies are used solely to manage website functionality and user experience and do not collect advertising or cross-site tracking information.
Third-Party Technologies
Many healthcare organizations choose to integrate third-party services into their websites.
Examples include:
- Google Analytics
- Google Ads
- Google Maps
- YouTube
- Vimeo
- SocialClimb
- Patient scheduling platforms
- Chat services
- Reputation management platforms
- Accessibility tools
These technologies are selected by each healthcare organization based on its own operational needs.
Remedy CMS can technically implement or remove these services at the client's direction, but the healthcare organization remains responsible for determining which third-party technologies should be used and ensuring they satisfy applicable legal, contractual, and regulatory requirements.
Privacy Policies & Consent Management
Privacy laws continue to evolve across the United States and internationally.
Depending on your organization's location, the jurisdictions in which you operate, and the technologies used on your website, additional privacy disclosures or visitor consent mechanisms may be appropriate.
Upon request, Remedy CMS can implement:
- Cookie consent banners
- Conditional loading of third-party scripts
- Privacy policy updates provided by the client
- Technical privacy enhancements
Implementation decisions should be based upon guidance provided by your organization's legal or compliance professionals.
Accessibility
Remedy CMS is developed using modern accessibility best practices intended to support compliance with current Web Content Accessibility Guidelines (WCAG).
Accessibility is an ongoing process rather than a one-time project.
Our development team regularly considers:
- Semantic HTML
- Keyboard accessibility
- Alternative text support
- Form accessibility
- Color contrast
- Responsive layouts
- Screen reader compatibility
We also assist healthcare organizations with accessibility remediation projects and ongoing accessibility improvements. Ongoing accessibility monitoring and remediation is provided via qualifying monthly SLA packages.
Security
Remedy CMS employs commercially reasonable administrative, technical, and operational safeguards designed to support secure website operation.
Platform security features include:
- Managed hosting
- SSL/TLS encryption
- Firewall protections
- Security monitoring
- Routine software updates
- Scheduled backups
- Disaster recovery procedures
- Principle of least privilege administrative access
Security practices continue to evolve as new technologies and threats emerge.
Data Retention
Certain Remedy CMS services, including Remedy Analytics, retain website analytics data for operational reporting purposes.
Unless otherwise agreed in writing, analytics data is generally retained for up to two (2) years or until approximately 2 GB of stored analytics data has accumulated, whichever occurs first. Older data may then be archived or removed to maintain platform performance and storage efficiency.
Transparency
We believe healthcare organizations deserve transparency regarding the technology powering their websites.
If you have questions regarding:
- platform security
- cookies
- hosting
- Remedy Analytics
- accessibility
- privacy-related technical implementation
our team is happy to explain how Remedy CMS works and assist with implementing technical solutions requested by your organization.
Questions?
For technical questions regarding Remedy CMS privacy or security features, please contact our team.
For legal or regulatory compliance questions, we encourage healthcare organizations to consult their legal counsel or compliance professionals.
Trusted By
© 2026. All rights reserved. E-dreamz, Inc.