-
Is Google Analytics HIPAA-compliant?
If you use Google Analytics or similar software, you’re likely already optimizing your website to serve your customers better. But what about Google Analytics and HIPAA compliance? In short – if you’re a HIPAA-covered entity, using GA4 puts you at serious risk of a HIPAA breach. Google states that Google Analytics doesn’t satisfy HIPAA requirements. And…
-
Everything you need to know about the New York Health Information Privacy Act (NYHIPA)
On January 22, 2025, the New York Assembly passed Senate Bill S929, also known as the New York Health Information Privacy Act (NYHIPA). The bill now awaits Governor Kathy Hochul’s signature. The new legislation adopts novel provisions that would make this one of the most stringent privacy laws in the US. It introduces an expansive…
-
The AHA’s lawsuit against HHS guidance on online tracking technologies: What it means for HIPAA-covered entities and their use of analytics
On June 20, 2024, a US district court ruled in favor of the American Hospital Association’s (AHA) lawsuit against the Department of Health and Human Services (HHS) bulletin on using online tracking technologies, declaring it beyond agency authority. The 2022 bulletin sought to inform entities regulated under HIPAA of their obligations concerning the use of…
-
Piwik PRO is officially HIPAA certified!
At Piwik PRO, ensuring the highest level of security and data protection has always been our top priority. Developing privacy-friendly analytics is just one aspect of our commitment. We validate our approach by obtaining external certifications from independent organizations. As such, we are pleased to announce that a HIPAA (Health Insurance Portability and Accountability Act)…
-
![What is PII, non-PII, and personal data? [UPDATED]](https://piwik.pro/wp-content/uploads/2020/10/2020-10-21_What-Is-PII-non-PII-and-personal-data_blog-2.png)
What is PII, non-PII, and personal data? [UPDATED]
Personally identifiable information (PII) and personal data are two classifications of data that often confuse organizations that collect, store and analyze such data. Both terms cover common ground, classifying information that could reveal an individual’s identity directly or indirectly. PII is used in the US, but no specific legal document defines it. The legal system…
-
HHS guidance on using online tracking technologies: How to make your analytics HIPAA-compliant
In December 2022, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued guidance on online tracking technology to HIPAA-covered entities. The bulletin details healthcare companies’ use of third-party cookies, pixels and other tracking technologies and elaborates on the definition of protected health information (PHI) that HIPAA refers to. HHS’s…
-
HIPAA, marketing and advertising: How to run compliant campaigns in healthcare
Healthcare organizations deal with tons of sensitive information concerning people’s health. It needs to be handled with proper care. In the US, safe parameters for using this kind of data in different contexts, including marketing, are set by HIPAA. Unfortunately, many companies are still unaware of the provisions of the law and the potential consequences…
-
Is Adobe Analytics HIPAA-compliant?
The Health Insurance Portability and Accountability Act (HIPAA) is a restrictive data security law regulating US healthcare organizations’ use of protected health information (PHI). The covered entities and business associates that handle the PHI of US patients are subject to HIPAA, even if they don’t reside in the US. It affects many aspects of how…
-
A review of HIPAA-compliant analytics platforms
As a healthcare organization subject to HIPAA, you’re walking a fine line when trying to improve the patient experience and ensure your activities are HIPAA-compliant. Vendors have been adjusting to the shifting privacy-oriented analytics landscape and their clients’ expectations. Many of them change their offers accordingly. At the same time, the dominant analytics vendors are…
-
PHI and PII: How they impact HIPAA compliance and your marketing strategy
Personally identifiable information (PII) and protected health information (PHI) may seem similar. However, there are critical distinctions between the two. While PII is a catch-all term for any information that can be associated with an individual, PHI applies specifically to HIPAA-covered entities dealing with identifiable patient information. Keeping HIPAA compliant and protecting patient information requires…
Categories
- Analytics (184)
- Banking & finance (14)
- Comparisons (12)
- Consent Manager (8)
- Conversion optimization (24)
- Customer Data Platform (17)
- Data management (57)
- Data Privacy & Security (3)
- Data privacy & security (123)
- GDPR (53)
- Government (8)
- Healthcare (18)
- Interviews (24)
- News & releases (43)
- Personalization (22)
- Product best practices (25)
- Tag Manager (10)
- Uncategorized (2)
- Use cases (36)
Newsletter
Sign up to receive the latest Piwik PRO news and insights in your inbox.