As a company dealing with protected health information (PHI) of US citizens, it is your responsibility to ensure that any PHI you are collecting is well protected. Otherwise, you expose yourself to severe legal consequences, including civil and criminal penalties.
That is why you have to approach HIPAA (Health Insurance Portability and Accountability Act of 1996) compliance with diligence and carefully choose marketing technology vendors who will support you in fulfilling the legal obligations imposed on your business.
See how Piwik PRO Marketing Suite can help you comply with HIPAA:
HIPAA-compliant hosting options
With Piwik PRO Marketing Suite you are in full control of HIPAA compliance due to the ability to host our product on your own servers. As we have access to neither your infrastructure nor the ePHI of your clients, you have full control over the privacy of your data. You are also able to implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.
Data encryption & transmission security
Implement security measures to better handle electronically transmitted ePHI. With on-premises hosting, we can configure the infrastructure so that all the data is encrypted to comply with HIPAA, and use selected encryption features native to the HIPAA-eligible services.
100% data ownership
You are the sole owner of the data tracked by your Piwik PRO Marketing Suite and your data is never sent to external servers. Moreover, we will provide you with guidelines to follow to enable all of the necessary data privacy measures.
No BAA needed
Under HIPAA, any vendor that could access the ePHI of your clients can be considered a “Business Associate” and has to sign a BAA (Business Associate Agreement). Fortunately, with Piwik PRO Marketing Suite you don’t have to worry about a BAA. Since all of your data is stored on your own infrastructure, you don’t have to sign a BAA to use our marketing tools in a HIPAA-compliant manner. Your in-house technical team will be in full control of the infrastructure and you can implement your own compliance procedures.
Use the Marketing Suite recognized by leading data privacy organizations: France’s CNIL, the ULD of Germany, and the Privacy Commissioner of New Zealand. It is deployed by healthcare institutions and organizations, banks, and governments.
Additional Piwik PRO Marketing Suite features for enhanced data protection
Audit log / Change log
Easily monitor and review user activity in Piwik PRO Marketing Suite: login attempts, password updates, modification of the instance settings, and any API requests made. All these actions get saved in a log available to the super admin.
Single Sign On
Manage all your users in a central database and use SSO (Single Sign On) for logging into Piwik PRO Marketing Suite using SAML (Security Assertion Markup Language), LDAP (Lightweight Directory Access Protocol), or other enterprise standards. Maintain total control over who is given access to the information gathered by your marketing tools.
Privacy compliance advice and support
Receive professional support with your platform configuration and setup in order to make it privacy compliant and secure. Benefit from included user training to help you get the most out of your data. Piwik PRO experts will be available to answer any questions and resolve potential issues.