Is InsideView HIPAA compliant?

Featured image

Share this article

InsideView and Demandbase logos

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards. Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI). Read here to find out if  InsideView is HIPAA compliant.

We know the HIPAA industry is vast and that it is important to work well and communicate with patients while remaining HIPAA compliant.

SEE ALSO: HIPAA compliant email marketing: What you need to know

This is especially true with the recent move toward remote working and the increase in cyberattacks against healthcare. Today, we will determine if InsideView is HIPAA compliant or not.

About InsideView

InsideView is a market intelligence and analytics solution for midsize to large businesses. Demandbase, a B2B market leader, purchased InsideView, as well as another product, DemandMatrix, in 2021. The company added both to its Demandbase One B2B Go-To-Market Suite.

Market intelligence consists of information like sales, customer data, survey responses, focus groups, and competitor research to drive sales. As an SaaS (software-as-a-service), InsideView integrates with CRM and marketing automation products to create profiles and deliver intelligence. InsideView provides access through APIs from over 40,000 sources.

InsideView and the business associate agreement

A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.

At this time, InsideView is a business associate of a healthcare organization if it works with any data that includes electronic PHI (ePHI), like a name or an email address. Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.

There is no mention of HIPAA or a BAA on the Demandbase website.

InsideView and data protection

As a part of Demandbase, InsideView is privy to its security measures, including physical and technological access controls. Consequently, this means:

  • Background checks and badges used at all physical entrances
  • Multifactor authentication
  • An extra layer of authentication to access the VPN (virtual private network)
  • Continuous monitoring and auditing

It also ensures encryption in transit (through TLS (Transport Layer Security)) and at rest. Encryption at rest only applies to personal data (i.e., PII or personally identifiable information) identified through unique field values or data required through digital advertising exchanges. Demandbase further states that it retains sensitive data only as long as required for legal, regulatory, and business requirements. And that the company will delete data if a customer makes a request. The website does not mention PHI.

Demandbase uses Amazon Web Services and the Google Cloud Platform for all of its cloud needs. This also means utilizing both platforms’ cybersecurity measures though Demandbase is responsible for its app within the cloud infrastructure.

Is InsideView HIPAA compliant?

The BAA is a key component of HIPAA compliance, but Demandbase does not appear to sign a BAA on behalf of InsideView. If a data breach or HIPAA violation occurs and any PHI is accessed, the covered entity is liable.

Conclusion

InsideView is not HIPAA compliant.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022