Paubox blog: HIPAA compliant email made easy

Is Woopra HIPAA compliant?

Written by Kapua Iao | March 23, 2022

HIPAA (the Health Insurance Portability and Accountability Act of 1996) is U.S. legislation created to improve healthcare standards. Covered entities and their business associates must be HIPAA compliant to protect the rights and privacy of patients and their protected health information (PHI).

We know the HIPAA industry is vast and that it is important to work well and communicate with patients while remaining HIPAA compliant.

SEE ALSO: HIPAA compliant email

This is especially true with the recent move toward remote working and the increase in cyberattacks against healthcare. Today, we will determine if Woopra is HIPAA compliant or not.

 

About Woopra

 

Woopra is a customer journey and product analytics software tool. It provides real-time customer analytics service to help an organization optimize a customer’s lifecycle.

SEE ALSO: What is customer experience management (CEM or CXM)?

The company delivers live, granular behavioral data. Moreover, its tool integrates with other service providers (e.g., Dropbox and Google Drive) for seamless delivery. This allows organizations to take real-time action to be able to target and connect with their customers.

 

Woopra and the business associate agreement

 

A major part of HIPAA compliance is ensuring a business associate will sign a business associate agreement (BAA). A business associate is a person or entity that performs certain functions or activities that involves the use or disclosure of PHI.

In this instance, Woopra is a business associate of a healthcare organization if it works with any data that includes electronic PHI (ePHI), like a name or an email address. Generally, the HIPAA Privacy Rule allows healthcare providers to disclose PHI if they receive assurance that the information is protected through a signed BAA.

There is no mention of HIPAA or a BAA on the Woopra website.

 

Woopra and data protection

 

While Woopra does not mention PHI protection, it does state in its privacy policy that the company takes “steps to help protect the personal data.” At the same time, there is no guaranteed security. Moreover, specific cybersecurity features are not listed online beyond password security.

Woopra does mention using Google Cloud and Amazon Web Services, each of which provides its own controls. Woopra does note that it may use personal data to tailor content and market or promote. And that it may share personal data with affiliates/service providers. Especially since Woopra integrates with third-party social media platforms like Facebook, Google, and LinkedIn.

RELATED: Social media & HIPAA compliance: The ultimate guide

Opt-outs are possible for organizations that know how.

 

Is Woopra HIPAA compliant?

 

The BAA is a key component of HIPAA compliance and Woopra does not appear to sign a BAA. If a data breach or HIPAA violation occurs and any PHI is accessed, the covered entity is liable.

Conclusion Woopra is not HIPAA compliant.

 

Try Paubox Email Suite for FREE today.