At Piwik PRO, ensuring the highest level of security and data protection has always been our top priority. Developing privacy-friendly analytics is just one aspect of our commitment. We validate our approach by obtaining external certifications from independent organizations.
As such, we are pleased to announce that a HIPAA (Health Insurance Portability and Accountability Act) compliance assessment was carried out as an extension of our SOC-2 Type II audit and was approved. This means we are officially HIPAA compliant. In receiving this recognition, we demonstrate our commitment to safeguarding the data we collect and the high standards we have set for ourselves.
What is HIPAA certification
HIPAA certification refers to the process by which organizations comply with the US Health Insurance Portability and Accountability Act (HIPAA). This federal law protects sensitive patient health information from being disclosed without the patient’s consent or knowledge. An external audit examines a company’s adherence to HIPAA rules and evaluates the organization’s controls related to security, availability, processing integrity, confidentiality, and privacy of protected health information (PHI).
Achieving HIPAA compliance involves several steps to ensure that the organization meets all the requirements outlined in the regulations. These include developing policies and procedures, implementing security measures, and creating a comprehensive business associate agreement (BAA).
If you want to learn more about HIPAA, read:
- A review of HIPAA-compliant analytics platforms
- HHS guidance on using online tracking technologies: How to make your analytics HIPAA-compliant
- HIPAA, marketing and advertising: How to run compliant campaigns in healthcare
- The AHA’s lawsuit against HHS guidance on online tracking technologies: What it means for HIPAA-covered entities and their use of analytics
Why HIPAA certification matters
Obtaining HIPAA compliance certification will further enhance our compliance with healthcare data protection standards.
At Piwik PRO, we are committed to providing healthcare organizations with the most secure marketing platform available:
- We help companies in the healthcare industry meet the stringent requirements of HIPAA regulations and offer our clients informative, valuable, and actionable insights.
- We exclusively partner with select ISO 27001 and SOC2-certified Microsoft Azure HIPAA-compliant data centers.
- We operate following the best data security practices. Clients from industries handling sensitive data, like healthcare, are a prime testament to our expertise. With Piwik PRO, they have the flexibility to either de-identify all PHI in their data or sign a business associate agreement (BAA) to ensure that the collection and processing of PHI and ePHI comply with HIPAA requirements.
- We provide granular data access controls to restrict data access only to authorized personnel. Piwik PRO also maintains detailed audit logs to easily track data access and changes to data collection configuration.
HIPAA certification proves that Piwik PRO Analytics Suite is a verified solution for customers whose policies mandate partnering exclusively with HIPAA-compliant vendors. This certification demonstrates our commitment to ensuring a HIPAA-compliant analytics suite safeguarding Protected Health Information (PHI). Consequently, our future and existing clients can have greater confidence in the security of our data handling processes.