Is AppsFlyer HIPAA compliant?

Featured image

Share this article

Apps Flyer logo

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards. Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).

We know the HIPAA industry is vast and that it is important to work well and communicate with patients while remaining HIPAA compliant.

SEE ALSO: HIPAA compliant email marketing: What you need to know

This is especially true with the recent move toward remote working and the increase in cyberattacks against healthcare. Today, we will determine if AppsFlyer is HIPAA compliant or not.

About AppsFlyer

AppsFlyer is an SaaS mobile marketing analytics and attribution platform, headquartered in San Francisco, California. Mobile attribution is a method used to determine which campaigns, media partners, and channels tie with app installs. It connects actions with results.

Customers can use AppsFlyer to predict app growth and deliver extraordinary mobile experiences. They can also address app profitability, fraud/brand safety protection, and consumer experience with deep linking.

AppsFlyer and the business associate agreement

A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.

In this instance, AppsFlyer is a business associate of a healthcare organization if it works with any data that includes electronic PHI (ePHI), like a name or an email address. Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.

AppsFlyer does not mention a BAA on its website though several web pages mention that the company is HIPAA compliant. Organizations should call customer service to find out if a BAA is possible. A Data Processing Addendum is available online for countries subject to the EU General Data Protection Regulation.

AppsFlyer and data protection

Account security features include complex passwords and two-factor authentication. Like other, similar platforms, AppsFlyer utilizes Amazon Web Services and Google Cloud Platform for cloud security. The company encrypts all data, in transit and at rest, and there are options for IP masking.

Given the importance of minimizing personally identifiable information (PII) in a privacy web page, AppsFlyer insists that it implements strong technical and organizational measures to ensure data is safe. The privacy page further adds: “For apps that frequently handle sensitive information or protect[ed] health information (PHI). . . . We let you decide which data you share and with whom, while maintaining the strictest standards for compliance across every global market, including HIPAA.”

AppsFlyer further states that it takes a privacy by design approach for health and fitness apps dealing with PHI to keep “user data secure and HIPAA compliant.” As AppsFlyer does collect user data, it is unknown how it keeps some information more secure than others.

Is AppsFlyer HIPAA compliant?

The BAA is a key component of HIPAA compliance. AppsFlyer mentions several times that it is HIPAA compliant but does not mention signing a BAA. If it doesn’t sign a BAA and a data breach or HIPAA violation occurs, the covered entity is liable.

Conclusion

We are unable to determine if AppsFlyer is HIPAA compliant or not. 

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022