Yes! As a certified Google Cloud Partner, the security and compliance measures that allow application support for HIPAA compliance are deeply ingrained in the infrastructure, security design, and products used within our platform.
We have implemented HIPAA regulated products and services which include
A US based multi-regional data centre to maximize the availability and durability of your data. (Multiple replicas of the database provide full redundancy)
End-to-end security of all data in motion (DIM) via TLS 1.3 encryption.
A cloud-based storage service which automatically stores your documents in an encrypted state.
An enterprise grade customer identity and access management (CIAM) platform to protect our global user account authentication.
Please note that there is no certification recognized by the US HHS for HIPAA compliance and that complying with HIPAA is a shared responsibility.
The case platform fully supports HIPAA compliance but ultimately you are responsible for evaluating your own HIPAA compliance requirements and we recommend you conduct regular access reviews.
As an self-service platform you control all users, their roles and permissions. To ensure that any sensitive data in your Case account can only be accessed by appropriate people, we recommend that you frequently review the list of your users and the permissions they have been granted.