HIPAA Overview

HIPAA FAQ

Are you compliant with HIPAA?

Yes, our Bold BI Embedded, On-Premise and Cloud products are certified as compliant with HIPAA. According to the “HIPAA certification is the process in which an independent third-party organization audits an organization to certify and confirm that the physical, technical, and administrative safeguards required for HIPAA compliance have been met.”

No, there is no official HIPAA certification for an organization or provider. HIPAA is a set of rules and guidelines for protecting healthcare information, enforced by the Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS). We conduct our HIPAA certification audit as a security practice to ensure we are maintaining compliance and meeting the standards set forth in HIPAA, and we understand that there is no official certification for HIPAA compliance recognized by the HHS.

Syncfusion’s HIPAA report is available to current and prospective customers. Please contact our support or sales team to request access to the report. All requests are reviewed by our legal team to ensure the privacy and security of our internal systems and processes.

According to HIPAA regulations, a Business Associate (BA) is an individual or entity that performs certain functions or activities involving the use or disclosure of protected health information (PHI) on behalf of, or provides services to, a covered entity (such as a healthcare provider, health insurance provider, or healthcare clearinghouse).

According to HIPAA regulations, a Business Associate Agreement (BAA) is a contract between a covered entity and a Business Associate that sets forth the Business Associate’s responsibilities regarding handling PHI. It outlines the safeguards that the Business Associate must implement to protect the confidentiality, integrity, and availability of PHI, and the Business Associate’s obligations to comply with HIPAA requirements, such as breach notification. The BAA ensures that business associates use, disclose, and safeguard PHI consistent with the covered entity’s privacy and security obligations under HIPAA.

Under HIPAA, maintaining compliance requires authentication controls that ensure only authorized personnel have access to electronic protected health information (ePHI). According to regulations, this is achieved through a combination of these practices:

Unique User Identification: Assigning a unique name, number, or combination for identifying and tracking user identity.

Password Management: Implementing procedures for creating, changing, and safeguarding passwords.

Automatic Logoff: Implementing electronic procedures that terminate an electronic session after a predetermined time of inactivity.

Encryption and Decryption: Encrypting ePHI when it is being transmitted or stored to protect against unauthorized access.

Yes, Bold BI encrypts data both at rest and in transit.