Strike has achieved HIPAA compliance
Giving our clients top-quality cybersecurity and being compliant with the most rigorous regulations is one of our main goals at Strike. This is why we are constantly working to ensure data protection, security, and privacy.
Recently, we achieved SOC 2 Type 2 compliance to solidify our position in the markets and reinforce our clients' trust. Now, we have also obtained a HIPAA attestation of compliance, which means we adhered to the physical, administrative, and technical safeguards outlined in that regulation to ensure the privacy and security of Protected Health Information (PHI).
To achieve this milestone, we followed a thorough process provided by our partners, Prescient Assurance LLC and Vanta.
What is HIPAA?
HIPAA (Health Insurance Portability and Accountability Act) was established in the United States in 1996 as a federal law.
Regulated by the Department of Health and Human Services, this law has to be implemented by healthcare organizations to protect the security, privacy, and integrity of their information. HIPAA also applies to companies that relate to the healthcare industry. Some of them are:
Covered Entities, which are any organizations that collect, create, or transmit PHI electronically. An example of this would be a healthcare provider or insurance provider.
Business Associates, which are organizations whose activities on behalf of a covered entity involve PHI.
The main goal of this law is to protect the patient's information and avoid data breaches, cyberattacks, and stolen data.
What does HIPAA protect?
Since this law applies to the healthcare industry, the main object of protection in HIPAA is PHI.
This refers to any demographic information that can be used to identify a client or a patient of any entity subject to HIPAA. Some examples of PHI are names, addresses, emails, phone numbers, social security numbers, and medical records.
Strike’s process to get certified for HIPAA
Because a third-party attestation of compliance with HIPAA gives our clients more confidence, achieving it was a must for us.
The first thing we did was search for a partner that could help us be more efficient in the preparation process. Vanta and Prescient Assurance LLC were the best options for us, because they helped us organize our time and be ready for the attestation in a professional and efficient way.
Afterward, we created an internal, diverse team capable of handling all necessary tasks to meet the HIPAA requirements. With this team in place, we proceeded with the gap analysis, which had been previously overlooked, and assigned responsible individuals for each task. Fortunately, we discovered that many of the requirements had already been fulfilled because we had prioritized a secure product right from the beginning.
Why is being HIPAA-certified so important?
At Strike, we have the main goal of bringing top-quality cybersecurity to all kinds of clients. In order to do so, we need to make sure they are safe by providing them with rigorous security standards.
Since we work with all kinds of industries, such as fintech, crypto, finance, gaming, and even healthcare, we need to meet the specific requirements of each of them. The HIPAA attestation will build more trust with our healthcare clients in the USA, which represents a huge milestone for the company.