HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards. Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).
We know the HIPAA industry is vast and that it is important to work well and communicate with patients while remaining HIPAA compliant.
SEE ALSO: HIPAA compliant email
FlowMapp is a user experience tool used to visualize a customer’s experience with an organization. With this and similar products, organizations can centralize and standardize customer information to improve and enrich encounters.
RELATED: What is a customer journey map?
FlowMapp helps organizations design websites, apps, and related products to ensure strong customer relations. Organizations use FlowMapp to create customer stories and capture key moments with a customer to enhance communication.
FlowMapp and the business associate agreement
A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI. In this instance,
There is no mention of healthcare, HIPAA, or a BAA anywhere on the FlowMapp website.
FlowMapp and cybersecurity
FlowMapp’s Security web page states, “Keeping our customers’ data secure is the most important thing that FlowMapp does. We go to considerable lengths to ensure that all data sent to FlowMapp is handled securely.” The web page then lists its security features:
- Access controls
- Regular updates
- Full redundancy and backup
- Continuous monitoring
SEE ALSO: Are retargeting ads HIPAA compliant?
Moreover, the company also affirms that it collects customers’ personally identifiable information (PII) as well as usage data (e.g., IP address).
Is FlowMapp HIPAA compliant?
The BAA is a key component of HIPAA compliance and FlowMapp does not appear to sign a BAA nor offer any security specifically for healthcare organizations. Furthermore, FlowMapp states that data on its site is not guaranteed secure.
Conclusion: FlowMapp is not HIPAA compliant.