We take this opportunity to inform you that Zoho Campaigns will be HIPAA compliant from now on.
We are going to follow HIPAA regulations from September 21, 2021. HIPAA(Health Insurance Portability and Accountability Act) initiated by the U.S Department of Health and Human Services guarantees the safety of personal health information (PHI) belonging to U.S citizens while it's in the possession of concerned entities (Business Associates). Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes. Also, Zoho Campaigns provides requisite features to help its users secure health related data within the premises of HIPAA compliance.
Why do you need to be HIPAA compliant?
As an email marketer, you can be in possession of your contacts' personal identifiable health information while providing certain services to them, or performing certain activities on behalf of them. This makes you liable for any security breach by unauthorized entities to access these data, thus you need to be HIPAA compliant and ensure that such adversities are prevented. Let's go through the features offered by Zoho Campaigns that will help you adhere to HIPAA regulations.
Marking custom fields
You can enable HIPAA compliance settings and create specific custom fields or mark the existing ones as Electronic Protected Health Information (ePHI). This will help you and the other users of the account identify individual health data from the rest of the information in your database.
You can encrypt the custom fields marked as ePHI. This will prevent anyone from breaching the security and accessing or tampering with those data. Since the data is encrypted at the database level, the actual information can't be seen by unauthorized entities.
Restrict transfer of personal health data
Upon enabling HIPAA compliance, Zoho Campaigns will let you decide how you want to handle ePHI. You can choose to restrict the unauthorized export and transfer of personal data by opting for these methods.
- Restrict data export
- Restrict data transfer through API
You can access Audit Logs to keep tabs on any alterations, exports or any other activities done with regards to the fields marked as ePHI. This feature will let you keep track of the audit trails of the past six months so that you can review and ensure that any changes done to these fields are approved by you.
If you want to learn more about HIPAA the you can access our help document
. You can also check our feature-based webpage
In case you have any queries, you can drop a message in the comments section or contact our support team at firstname.lastname@example.org
Happy email marketing!