The short answer: Proof can enable HIPAA compliance for covered entities that sign a business associate agreement (BAA).
HIPAA compliance
The Health Insurance Portability and Accountability Act (HIPAA) establishes standards for the protection of sensitive patient information in electronic healthcare transactions.
Proof supports HIPAA compliance for any organization that meets both requirements below:
- Meets the definition of a covered entity
- Signs a business associate agreement (BAA) provided by Proof that delineates each party's roles and responsibilities
Additional protections
Some organizations supporting HIPAA compliance also have a HITRUST Certification that covers controls for the processing of highly sensitive data, such as personal health information (PHI). Though Proof does not have a HITRUST Certification, we are committed to security and:
- Undergo a System and Organization Control (SOC 2) audit each year
- Maintain a Kantara Certification
Both of these follow the same security principles and controls related to the processing of sensitive information.
Summary Checklist
- Your organization meets the definition of a covered entity.
- Your organization has signed a business associate agreement (BAA) with Proof.
- HIPAA compliance has been enabled by Proof — contact your CSM or Sales team to request this.
Updated