HIPAA Resource Center

Your one-stop resource center for HIPAA, its relation to businesses, & how your organization can prepare for HIPAA compliance.

HIPAA Software Requirements

HIPAA is the US law that regulates how all healthcare information is used and shared. It applies to every type of health data: digital, hard-copy, even spoken conversations. HIPAA is a 'black box', a confusing morass of regulations and requirements that is anything but intuitive. To make matters worse, the majority of information about HIPAA compliance is written for medical providers and clinicians. For healthcare software companies, HIPAA compliance is critical. Healthcare customers want proof of HIPAA compliance, and hackers will continue to push the limits to break your security and privacy, so it is important to stay ahead.
The headlines are filled with news of large and small healthcare organizations being hit with significant fines for breaching HIPAA compliance. The loss of credibility and reputation from a data breach can be even worse for HIPAA-compliant software companies, for whom reputation and credibility are very important. No matter the cost required to comply with HIPAA, the cost of non-compliance is always greater.
HIPAA enforcement has been ramping up over recent years. In addition to the official HIPAA enforcement agency, the Office for Civil Rights (OCR), changes to HIPAA in the HITECH Act have given new HIPAA enforcement powers to the Attorneys General of each of the fifty U.S. states. Although not officially tasked with enforcing HIPAA, the Federal Trade Commission (FTC) has also stepped in to investigate and prosecute technology companies whose claims of data privacy and security are misleading or false.
HIPAA can often be an enormous burden to many software companies. However, HIPAA compliance is one of the best frameworks for building cloud applications that are as secure and immune to data breach as possible. By setting very high security and privacy standards based on best practices, HIPAA helps protect health data and software companies' reputations. By creating solid and time-tested security procedures that emphasize patient privacy, consumer rights, and encryption, HIPAA helps ensure customer satisfaction. By requiring a written Business Associate Agreement for customers, vendors and partners, HIPAA clarifies roles, responsibilities, and relationships of the software company.

About HIPAA Compliance Software Certification

Although the US Health and Human Services Office for Civil Rights oversees and enforces the privacy rules under HIPAA, it doesn't offer an official HIPAA "certification." In fact, there is no officially recognized HIPAA compliance certification, although some entities privately offer HIPAA certifications if an organization meets the seven key elements. All of Giva's cloud-based help desk and customer service software applications are HIPAA compliant. Most of the criteria required for HIPAA-compliant software are related to the data center where it is hosted.