Is FlowMapp HIPAA compliant?

Featured image

Share this article

FlowMapp logo

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards.

Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).

We know the HIPAA industry is vast and that it is important to work well and communicate with patients while remaining HIPAA compliant.

SEE ALSO: HIPAA compliant email

This is especially true with the recent move toward remote working and the increase in cyberattacks against healthcare.

Today, we will determine if FlowMapp is HIPAA compliant or not.

About FlowMapp

FlowMapp is a user experience tool used to visualize a customer’s experience with an organization.

With this and similar products, organizations can centralize and standardize customer information to improve and enrich encounters.

RELATED: What is a customer journey map?

FlowMapp helps organizations design websites, apps, and related products to ensure strong customer relations. Organizations use FlowMapp to create customer stories and capture key moments with a customer to enhance communication.

FlowMapp and the business associate agreement

A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.

In this instance, FlowMapp is a business associate of a healthcare organization if it works with any data that includes electronic PHI (ePHI), like a name or an email address.

Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.

There is no mention of healthcare, HIPAA, or a BAA anywhere on the FlowMapp website.

FlowMapp and cybersecurity

FlowMapp’s Security web page states, “Keeping our customers’ data secure is the most important thing that FlowMapp does. We go to considerable lengths to ensure that all data sent to FlowMapp is handled securely.” The web page then lists its security features:

  • Access controls
  • Regular updates
  • Full redundancy and backup
  • Continuous monitoring
  • Firewall

Data in transit is secured with Secure Sockets Layer (SSL) and AES 256-bit encryption.

RELATED: What is transport layer security (TLS)?

At the same time, its Privacy Policy emphasizes, “While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.” In fact, FlowMapp includes a section about using the remarketing services of Google Ads and Facebook Ads.

SEE ALSO: Are retargeting ads HIPAA compliant?

Moreover, the company also affirms that it collects customers’ personally identifiable information (PII) as well as usage data (e.g., IP address).

Is FlowMapp HIPAA compliant?

The BAA is a key component of HIPAA compliance and FlowMapp does not appear to sign a BAA nor offer any security specifically for healthcare organizations.

Furthermore, FlowMapp states that data on its site is not guaranteed secure. If a data breach or HIPAA violation occurs and any PHI is breached, the covered entity is liable.

Conclusion

FlowMapp is not HIPAA compliant.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022