Is TaxDome HIPAA-compliant?
TaxDome meets industry standards for online security but is not compliant with the HIPAA (Health Insurance Portability and Accountability Act) standards for privacy. If you are a healthcare professional, it is not recommended that you enter individually identifiable health information into TaxDome.
For more information on the subject, please consult the Department of Health and Human Services.
What is HIPAA?
HIPAA’s primary objective is to protect the confidentiality, integrity and availability of individually identifiable health information. Enacted in 1996, HIPAA addresses concerns regarding the security and privacy of healthcare data in the digital age.
HIPAA is particularly relevant for healthcare professionals, healthcare providers, health insurance companies and their business associates. It imposes strict requirements on how patient health information must be handled, stored and transmitted.
Key requirements under HIPAA
The key data safety requirements include:
- Implementing safeguards to protect the security and privacy of health information
- Providing patients with access to their health records
- Obtaining patient consent before disclosing their health information
- Notifying patients about their privacy rights
- Reporting data breaches and violations
What is individually identifiable health information?
Individually identifiable health information, often referred to as protected health information under HIPAA, is any data that can be linked to a specific individual and relates to their health or healthcare services. This information includes, but is not limited to:
1. Patient names, including their first name and last name in conjunction with health-related data.
2. Dates relevant to healthcare, such as birth dates, admission dates, discharge dates, appointment dates and treatment dates.
3. Geographic data, any information related to the patient's location, including addresses, city names or any other geographical identifiers.
4. Contact information including phone numbers, email addresses, fax numbers, and other contact details.
5. Social security numbers or any other government-issued identification numbers.
Individually identifiable health information is highly sensitive and requires stringent protection to ensure patient privacy and comply with HIPAA regulations.