Pricing
Log in

Blog

PRODUCT

Announcing HIPAA Compliance

Blog banner
Subscription

Subscribe

We'll send you updates from the blog and monthly release notes.

Eric Dodds

Eric Dodds

Head of Product Marketing at RudderStack

August 30, 2022

We’re pleased to announce that RudderStack is now HIPAA compliant and ready to sign BAA’s with customers. This is exciting news for healthcare companies like Accurx, who can now use modern customer data tooling to provide the best patient experience possible.

Patients expect healthcare companies to not only provide good care, but also great customer support, personalized experiences, and next-day deliveries. These expectations apply across the spectrum, whether the patient is interacting with a hospital, pharmacy, or any company providing a health service or product.

Exceeding patient expectations with great experiences is only possible with the help of modern data tools and technology.

When healthcare companies think about data, HIPAA is one of the first things that comes to mind. The Health Insurance Portability and Accountability Act is a set of privacy and security standards that protects patient information in the US. For healthcare companies working with customer data, maintaining HIPAA compliance is critical.

Delivering the best patient experiences requires the best data tools

Data engineers and those responsible for the tech stack at healthcare companies often find their choice of modern data tools limited because so few vendors meet strict regulatory standards.

Using outdated or legacy tools makes it hard for data, product, and marketing teams to build a complete view of their patients and their journey, ultimately limiting their ability to build better customer experiences.

RudderStack: modern tooling that keeps patient data safe

With RudderStack’s HIPAA compliance, data teams can collect rich customer data from every website and app to empower product, marketing, and customer success teams with a complete set of customer data.

Here’s why Covered Entities (CEs) trust RudderStack as a Business Associate (BA) that makes security and compliance easy for healthcare data teams:

  • Warehouse-first - RudderStack doesn’t store any customer data. This means that your current security and privacy protocols are still enforced without the need to add any additional tooling or protocols (or deal with a vendor black-box). For companies dealing with PHI, that is a big deal.
  • Data governance - limit what data is captured at the source and block data that doesn’t comply with your approved schemas
  • PII masking and hashing - using our Event Transformations feature allows you to enforce data privacy compliance in-flight. You can easily perform data masking, data encryption, attribute removal and event filtering before the data is delivered to destinations requiring HL7 FHIR compliance.
  • Permissions management - configure who in the company has the ability to set, and sometimes see, where PHI or PII data is going. This is actually one of the newest features that we released.
  • SOC2 compliance - We’ve also attained SOC2 Type 2 attestation that gives our customers assurance that we’ve implemented industry standard security safeguards.

We implemented RudderStack to start a ‘revolution’ in our analytical environment.

- Francesca Riva, Head of Data, Accurx

Learn more about data security with RudderStack

Download our security whitepaper for more details on how RudderStack keeps your data secure.

Eric Dodds

ABOUT THE AUTHOR

Eric Dodds

Head of Product Marketing at RudderStack

Recent Posts

PRODUCT

Spotlight: Have a Very Data Holiday Promotion for Event Streams

By Kristen Glass
arrow

See all posts

Subscription

Subscribe

We'll send you updates from the blog and monthly release notes.

Get Started Image

Get started today

Start building smarter customer data pipelines today with RudderStack. Our solutions engineering team is here to help.

Customer Data Platform for Developers | RudderStack
HIPPA Compliant
SOC 2 TYPE 2Users love RudderStack on G2