Announcing HIPAA Compliance for the Whereby Embedded Platform

In the past years, we focused our efforts on strengthening Whereby’s security and we are well on our way, although we are conscious it is a continuous journey. We received an ISO27001 certification and continuously undergo regular penetration tests on our infrastructure while working with security researchers via our Vulnerability Disclosure Policy. But our efforts don’t just stop there. 

We are therefore proud to announce that the Whereby Embedded platform now has a HIPAA compliant add-on which can be used by HIPAA regulated customers. 

What is HIPAA? 

HIPAA stands for Health and Insurance Portability and Accountability Act of 1996 and is a US Public US Law that requires the adoption of national standards for proper appropriate and secure handling of electronic health data. In other words, healthcare providers in the US must conform to the HIPAA standards that ensure they process protected health data in a responsible, private and secure manner.

How does HIPAA work with Whereby Embedded? 

As Whereby can seamlessly integrate with online applications, various Telehealth providers in the US use Whereby to provide meaningful video connections. Whereby’s end-to-end encryption capabilities ensures that Whereby does not get access to protected health information. Even if health information would be mentioned over a call, it would remain private and nobody, not even Whereby, can access it. 

Whereby’s infrastructure and settings have also been developed so that the On-Demand HIPAA compliant setup is ready to be used, which encompasses more than the end-to-end encryption capabilities. 

If you want to find more information about this, feel free to reach out to your Whereby contact. 

How do I get HIPAA compliant with Whereby? 

The HIPAA compliant package is available, on demand, as part of our yearly pricing. 

If you want to set it up yourself today, you can find our step-by-step guide in our developer documentation here.