There’s a brand new HubSpot update regarding sensitive medical information: in addition to updates on handling financial and personal data, HIPAA is now an available option!
HIPAA stands for Health Insurance Portability and Accountability Act, a legislation that aims to keep medical information safe through regulated data privacy practices. HIPAA governs the transmission of financial and administrative transactions, but one of its key components is what’s known as “HIPAA Compliance”.
HIPAA Compliance consists of several regulations, where it’s possible to point out the following:Navigate to the privacy and consent settings on your HubSpot instance. You’ll find a sensitive data section allowing you to configure how that data will be handled within your account. HubSpot already had the option to enable sensitive data settings for personal and financial information, but now it also includes HIPAA.
So, if you have health and medical data stored in your HubSpot instance, you must enable this setting to comply with this data’s regulations. Remember: Once enabled, the HIPAA setting can’t be turned off, and you will notice how it impacts your HubSpot instance in several areas.
If you enable the HIPAA setting and then create a property, you can mark it as data-sensitive if it will store medical information. This setup will encrypt the data stored in the property to comply with the necessary regulations.
Going back to the bulleted list of HIPAA regulations, the one that will help you answer this question is the Standards for Privacy of Individually Identifiable Health Information. We’ve already gone through what it is, but you must know that it covers information held orally, digitally, or in physical documentation.
This implies that information that includes a patient’s address, biometric identifiers, current physical or mental health condition (past and future, too!), and basically any other piece of personal and health-related information must be HIPAA compliant.
Therefore, enabling this setting in your HubSpot account is mandatory if you’re an institution that handles this type of data. That’s the only way to ensure that every property you create and tag as HIPAA-compliant follows the specific regulations required.
At SR Pro Marketing, we know data privacy and compliance are top priorities for institutions in different industries, and HIPAA is no exception. Leave it in the hands of professionals who can ensure your data management is up to date with regulations, HubSpot’s new features, and best practices. Contact us today!