The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in 1996 with a clear mission: protect the privacy and security of your health information. Yet most Americans couldn't explain what HIPAA actually requires — or how it affects them.
What HIPAA Actually Protects
HIPAA's Privacy Rule covers "Protected Health Information" (PHI) — any information that can be used to identify you and relates to your health, healthcare, or payment for healthcare. This includes:
- Medical records and test results
- Insurance information
- Appointment histories
- Billing records
Who Must Comply
Healthcare providers, health plans, and clearinghouses are considered "covered entities" under HIPAA and must comply. Any business associate that handles PHI on their behalf — including cloud storage providers — must also comply.
ELDR and HIPAA Compliance
ELDR is built to be HIPAA-compliant from the ground up. Our AWS-based infrastructure employs:
- Encryption at rest and in transit for all stored data
- Access controls — you decide who sees what
- Audit logging to track every access to your records
- Business Associate Agreements (BAAs) with all our cloud providers
Your health data belongs to you. ELDR exists to make sure it stays that way.

