Datica Blog

How do you prove HIPAA compliance?

Travis Good, MD

Co-founder, CEO & Chief Privacy Officer

March 6, 2015   Compliance Company HIPAA

Without a doubt, this is one of the most important questions healthcare companies need to ask themselves and their partners: How do you prove HIPAA compliance?

Unlike with other government regulations, it is not illegal for a company to slap on a “HIPAA Compliant” tagline, which means we’ve seen an explosion in companies claiming some variant of compliance. The sneakiest marketing cons are the ones claiming to be “HIPAA Ready” — a deflection away from the fact that they aren’t compliant, but could be. The murky messaging found in the marketplace would prompt anyone to stop and ask again: How do you prove HIPAA compliance?

We delved into this topic in the latest entry to our Academy library. Here I discuss the various ways a technology company can prove whether it is compliant or not. Spoiler: the cheap options are flimsy, while the good options are expensive and time-consuming. There is no easy way, but some ways are better than others.

Take a look at our new Academy entry, and over 20 other descriptive articles about HIPAA, HL7, and compliance.

