Talk to us

Learn how you can Unlock Limitless Customer Lifetime Value with CleverTap’s All-in-One Customer Engagement Platform.

  • See a tailored demo of CleverTap's key capabilities.
  • Get a walk-through of industry specific use cases.
  • Obtain answers to any questions about integration, go-live, and support.

Your product demo

Get to know CleverTap from the scratch. To book your personal product demo, fill out the form and start at your preferred date. Afterwards we will get in touch with you.

Please enter a valid work email

Please enter a valid phone number

  • Talk to us
    • Get relevant information on mobile marketing delivered to your inbox.
    Blog
    Categories
    Back to blog

    CleverTap Prioritizes Data Safety and Security with HIPAA Compliance

    Mrinal Parekh
    Mrinal Parekh Mrinal, Senior Product Marketing Manager at CleverTap, excels in B2B strategy, market planning, and product launches. Proven success at Razorpay and Amazon.
    • Published on March 3, 2021
    • Reading time 4 min read
    • Views 6.7k
    CleverTap Prioritizes Data Safety and Security with HIPAA Compliance

    Overview

    Building relationships requires consistent and personalized experiences across all touchpoints. Data plays an essential role in delivering relevant, timely content. Health and wellness apps are no exception and are quickly innovating to make it easier for consumers to access and monitor their medical information using mobile apps. While efficient use of health data to provide valuable services becomes more common, the need to protect the data captured by apps is also becoming apparent.
    Ensuring that customer data is safe and secure is one of our top priorities. CleverTap is now compliant with the Health Insurance Portability and Accountability Act (HIPAA) to support businesses that handle personal health-related data. HIPAA requires the protection and confidential handling of Protected Health Information (PHI) by covered entities who are individuals and organizations that are subject to its requirements. By becoming HIPAA compliant, CleverTap helps customers satisfy HIPAA requirements to maintain compliance.
    What is HIPAA and What’s Considered Protected Health Information (PHI)?
    HIPAA is a US federal law that implements national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The HIPAA Privacy Rule protects all individually identifiable health information and affects how it is accessed, stored, and shared in any form or media, whether electronic, paper, or spoken aloud. The HIPAA Security Rule requires appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic PHI. 
    PHI is any information that can be used to identify an individual seeking healthcare. It includes identity information, medical records, conversations with doctors and other healthcare professionals, and billing information with patient identifiable information on it. Examples of PHI include patient name, address, phone numbers, dates (birth, admittance, discharge) medical record numbers, account numbers, and email addresses.
    HIPAA Rules Apply to Covered Entities and Business Associates
    HIPAA requires the protection and confidential handling of PHI by covered entities. Any organization that falls under the definition of covered entity under HIPAA has to comply. Covered entities include health care providers, health plans, and health care clearinghouses that electronically store and transmit any health information. If these entities create their own mobile applications that collect, store, or use PHI, then these mobile apps must be HIPAA compliant.
    By law, the HIPAA Privacy Rule applies only to covered entities. However, most health care providers and health plans do not carry out all of their health care activities and functions by themselves. A business associate is a person or entity that collects, stores, maintains, or transmits any PHI on behalf of a covered entity. 
    HIPAA is Part of Our Overall Commitment to Data Privacy & Security
    CleverTap is now HIPAA compliant to better support all brands working with PHI including many health and wellness companies. 
    In addition to HIPAA, CleverTap offers robust security solutions and meets global compliance standards. CleverTap continually invests in people, processes, and technology to comply with international standards and regulatory requirements. 
    To ensure the highest level of data security, CleverTap applies the most rigorous administrative, technical, and physical safeguards.
    User data is always protected by adhering to the highest security standards and encryption. 

    • CleverTap is hosted on Amazon Web Services, the world’s most secure global infrastructure platform. Data is stored in independent AWS servers, separated by region. 
    • While customer data in a region is stored in the same server, it is logically separated by multiple techniques to prohibit data transfers between customers.
    • Data in transit is encrypted using the latest TLS protocols. 
    • Security testing is integrated throughout the software development lifecycle.
    • Security is maintained throughout the application, network, and data layers.

    Organizations have full control over data access and authorizations.

    • CleverTap offers powerful and flexible features so that only authorized staff has access, including two-factor authentication, single sign-on, role-based access control, advanced role-based access control, and campaign approval workflows. 

    Global Compliance and Certifications

    • CleverTap’s cloud service provider, AWS, complies with a wide range of security standards. 
    • CleverTap meets global, regional, and industry-specific compliance standards including GDPR (Europe), GDPR-K (Europe), COPPA (United States), CCPA (California), and HIPAA BAA (health industry). These compliance standards govern collection, storage, and sharing of a user’s personal data. 
    • CleverTap is ISO-27001 (global), SOC 2, and Safe To Host certified. The processes, security controls, and technology used by CleverTap are audited by third-party companies or independent auditors.

    For tips on the measures you can take to make your mobile app HIPAA compliant, refer to our blog on How CleverTap Customers Address HIPAA Compliance Within their Marketing Organizations.
    Our privacy and security team is dedicated to helping you confidently maintain compliance when using our platform. If you have any questions or concerns, please reach out to us at security@clevertap.com

    See how today’s top brands use CleverTap to drive long-term growth and retention

    Schedule a Demo Now!

    Last updated on March 14, 2024
    Popular Tags
    Related Posts
    The Future of Push Notifications: Navigating Beyond Mi Push Deprecation
    Product
    The Future of Push Notifications: Navigating Beyond Mi Push Deprecation
    Abhinav Wagadre
    February 28, 2024
    The CX Revolution: Data Explosion, Prescriptive Experiences, and Trust-Focus
    Product
    The CX Revolution: Data Explosion, Prescriptive Experiences, and Trust-Focus
    Subharun Mukherjee
    January 8, 2024
    The Email Marketing Revolution: How AMP for Email Transforms the Landscape
    Product
    The Email Marketing Revolution: How AMP for Email Transforms the Landscape
    shreejith parameswaran
    October 19, 2023