The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is US federal legislation that provides data privacy and security provisions for safeguarding medical information. HIPAA includes provisions to protect the security and privacy of Protected Health Information (PHI). PHI includes a very wide set of personally identifiable health and health-related data, including insurance and billing information, diagnosis data, clinical care data, and lab results such as images and test results.
HIPAA was expanded in 2009 by the Health Information Technology for Economic and Clinical Health (HITECH) Act. HIPAA and HITECH establish a set of federal standards intended to protect the security and privacy of PHI.
No, AimiHub is not HIPAA compliant (even though the data centers in which AimiHub is hosted are), but it does not need to be.
Quality Improvement analyzes aggregated data and targets certain processes or the system as a whole. As such, there is no need to enter PHI in AimiHub. Our Customer Agreement specifically states that users should not enter PHI in AimiHub.
Although we are not HIPAA compliant, we take security extremely seriously and have robust digital and physical security in place.