Yes, Submittable is HIPAA compliant.
What is HIPAA?
HIPAA is the acronym for the Health Insurance Portability and Accountability Act. It’s U.S. legislation that’s meant to protect individuals’ medical records and personal information.
HIPAA establishes safeguards and best practices that healthcare providers and others must follow to protect the privacy of health data.
Why is Submittable HIPAA compliant?
While Submittable isn’t a healthcare provider, many of our customers are, or they may need to collect and review healthcare information in some capacity. Being HIPAA compliant means these organizations can use Submittable with confidence, knowing it meets these regulations and that their users personal health information is safe.
A few of the updates we've made to ensure HIPAA compliance include:
putting safeguards in place to protect patient health information;
limiting use and sharing of protected health information to a minimum;
updating Submittable’s file viewer so that HIPAA-compliant customers download audio or video, rather than view it in the browser, to meet the law’s requirements;
and, adding procedures to limit who can access patient health information, and training programs about how to protect this data.
Can you sign a BAA?
Yes, Submittable can sign a HIPAA BAA, or business associate agreement. This is a contractual and regulatory agreement confirming that both parties satisfy HIPAA regulatory requirements. Contact your Submittable sales rep or account manager, or firstname.lastname@example.org, to learn more about getting a HIPAA BAA.