Unlike other government regulations, it is not illegal for a company to slap a “HIPAA Compliant” tagline, which means we’ve seen an explosion in companies claiming some variance of compliance. The sneakiest marketing cons are the ones claiming to be “HIPAA Ready” — a deflection away from the fact that they aren’t compliant, but could be. The murky messaging found in the marketplace would prompt anyone to stop and ask again: How do you prove HIPAA compliance?
We delved into this topic in the latest entry to our Academy library. Here I discuss the various ways a technology company can prove whether they are compliant or not. Spoiler: the cheap options are flimsy, while the good options are expensive and time consuming. There is no easy way, but there are better ways than others.