HIPAA Compliance
The vendor gate for hospital systems, clinics, and insurers. Full compliance program for any platform handling Protected Health Information, from gap assessment through audit-ready documentation. 22 enforcement actions in 2024 alone.
Related frameworks
HealthTech rarely deploys HIPAA alone.
Hospital procurement typically asks for SOC 2 alongside HIPAA. EU-facing health apps add GDPR. AI-enabled clinical systems add ISO 42001. The control overlap across all four is substantial.
HIPAA: Protected Health Information
SOC 2: Shared Security
GDPR: EU health apps
ISO 27001: International ISMS
ISO 42001: Clinical AI governance
HITRUST CSF: Prescriptive mapping