HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards. Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).
We know the HIPAA industry is vast and that it is important to work well and communicate with patients while remaining HIPAA compliant.
SEE ALSO: HIPAA compliant email
Optimove creates CRM (Customer Relationship Management) journeys through a real-time customer data platform.
By using Optimove, organizations can centralize and standardize customer information to improve and enrich a customer’s journey through centralized workflow management. The company uses analytics to automate how organizations market to customers. And Optimove does this using AI technology to transform customer data into actionable insights.
Moreover, Optimove has aligned with other leading partners (e.g., Salesforce) to bring end-to-end solutions to organizations.
Optimove and the business associate agreement
A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.
In this instance, Optimove is a business associate of a healthcare organization if it works with any data that includes electronic PHI (ePHI), like a name or an email address. Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.
There is no mention of a BAA on the Optimove website. The only reference to HIPAA is in a blog that states Optimove is compliant with “leading standards and regulations.” There is no other mention of HIPAA.
Optimove and data management
Moreover, Optimove adds that it uses Google Analytics, retargeting, and numerous cookies to collect information for marketing and advertising. Customers can opt-out if they are aware of the policy and know who to contact.
There is no mention of data storage or security beyond the fact that Optimove uses cloud technology.
Is Optimove HIPAA compliant?
Conclusion Optimove is not HIPAA compliant.