HIPAA Compliant Email Marketing Apps
Listing 2 Results for “Email Marketing Apps”
Mailchimp provides security measures to reduce the risk of unauthorized access, including physical security controls and encryption. Since encryption is built into the service, it meets certain HIPAA compliance regulations. But Mailchimp doesn’t guarantee that all HIPAA compliance standards are met. According to Mailchimp’s terms and conditions, customers are responsible for ensuring they comply with regulations like HIPAA. Mailchimp explicitly states that it isn’t liable if the service violates HIPAA regulations. Uploading patient information to a Mailchimp email list is a disclosure of Patient Health Information (PHI). That makes Mailchimp a business associate. If a HIPAA-covered entity uses Mailchimp services, a Business Associate Agreement must be in place for Mailchimp to meet HIPAA compliance requirements. Without a signed BAA, Mailchimp doesn’t comply with HIPAA, so it shouldn’t be used with any form of PHI.
HIPAA compliance is available with ActiveCampaign’s Enterprise plan. The security page states that ActiveCampaign will meet HIPAA standards for enterprise-level customers, but no further information is available about specific security features for HIPAA compliance. The company stresses that each customer is responsible for using the service in a HIPAA-compliant manner. ActiveCampaign provides security to support these needs. According to the HIPAA Security Rule, entities and business associates must take reasonable steps to protect PHI, including end-to-end security. ActiveCampaign will sign its own Business Associate Agreement (BAA) with covered entities. Covered entities must have an enterprise plan and complete a signed BAA before using this service for PHI.