Podium is a customer service platform that healthcare organizations can leverage to interact with their patients for appointment scheduling and confirmation, collection of payments, and soliciting patient reviews. For healthcare organizations to use Podium securely, they must have a business associate agreement (BAA).
The fact that they have a BAA in place shows they comply with HIPAA regulations.
Podium, headquartered in Lehi, Utah, and established in 2014, is a startup that leverages cloud-based software. It specializes in helping organizations upgrade their customer communication and engagement processes. Its services include messaging solutions, managing client feedback data, and enhancing customers' online brand reputation.
A business associate agreement (BAA) is crucial to compliance with the Health Insurance Portability and Accountability Act (HIPAA) regulations. It's an agreement between a covered entity (like a healthcare provider) and a business associate (like a service provider) that outlines how the business associate should handle protected health information (PHI).
Healthcare organizations can use Podium to schedule and confirm appointments, collect payments, and solicit patient reviews, making it a business associate as it deals with the PHI submitted by healthcare organizations. Given its functions, it is essential to ascertain Podium’s HIPAA compliance status.
We reviewed Podium’s terms of service to ascertain its commitment to HIPAA compliance, and it demonstrates a willingness to enter into a BAA with clients that require it.
Podium emphasizes data security by following industry standards and best practices for protecting the client’s data. The security measures it implements include encryption of data in transit and at rest, security monitoring and logging, enterprise-class endpoint detection and response solutions, continuous integration and deployment, application security testing and scans, incident response, and security awareness training.
These measures showcase Podium's commitment to ensuring that the data submitted by their clients remains confidential and secure.
Podium demonstrates a commitment to comply with HIPAA standards by agreeing to enter into a BAA with clients bound by HIPAA regulations and through the data security measures it implements.
HIPAA compliance extends beyond just technical safeguards and software solutions. When evaluating a tool's or service's compliance, consider the following: