You might not have known, but Aiven is HIPAA compliant. We actually reached compliance back in December of 2018, but we wanted to get a few use cases under our belt before we announced it.
So, what does this mean on a practical level? This means that all Aiven services can be used in a HIPAA compliant manner in health care use cases and applications.
For those of you looking for Aiven services under HIPAA requirements, contact sales for a Business Associate Agreement (BAA).
Our current list of HIPAA-compliant services includes the following:
- Aiven Kafka
- Aiven PostgreSQL
- Aiven MySQL
- Aiven Elasticsearch
- Aiven Cassandra
- Aiven Redis
- Aiven InfluxDB
- Aiven Grafana
Now that you know we are compliant, let's take a brief overview of what HIPAA is, why it's important, and what compliance actually means and entails.
What is HIPAA and why is it important
HIPAA is the Health Insurance Portability and Accountability Act of 1996 passed by the United States legislature. It contains five titles(or sections) that cover everything from ensuring that people are not denied coverage for pre-existing conditions to the protection of their medical information.
When discussing HIPAA compliance, people are typically referring to Title II of HIPAA. This section establishes regulations for maintaining the privacy and security of protected health information. The privacy regulation pertains to a people, administrative, and contractual standpoint.
To be compliant, all organizations must be at least comply with the HIPAA Privacy regulation.
Meanwhile, the security regulation pertains to keeping electronic PHI safe from disasters, hackers, and electronic theft. Any organization that handles electronic data must meet both the privacy and security HIPAA regulations to be compliant.
HIPAA compliance is important for organizations that use data for health care use cases and applications. But it doesn't stop with you, your service providers must be as well: it is one of several compliance standards that we possess.