HIPAA Compliance

Learn how to protect private health information and ensure your organization and Appcues account is compliant with HIPAA regulations.

Updated at June 20th, 2024


Table of Contents

  • What is HIPAA?
  • What is unique about a HIPAA-compliant Appcues account?
  • How do I enable my account for HIPAA compliance?
  • What is the Appcues Business Associate Addendum?
  • More Information

What is HIPAA?

HIPAA is the Health Insurance Portability and Accountability Act, a United States law that regulates the sharing of Protected Health Information (PHI). More information about HIPAA and privacy can be found on the HHS.gov website.

What is unique about a HIPAA-compliant Appcues account?

Standard Appcues accounts are configured to keep data secure and confidential. However, to properly safeguard any PHI sent to Appcues, your analytics data will be stored in a database specifically certified for HIPAA compliance (by default, all non-analytics data is stored in a HIPAA-compliant way). In addition, legal agreements need to be signed that clearly state Appcues' and the customer's responsibilities to maintain HIPAA compliance.

How do I enable my account for HIPAA compliance?

Please follow these steps:

1. HIPAA compliance starts on the Appcues Enterprise plan levels; contact sales@appcues.com to discuss adding HIPAA compliance to your account. You will need your Appcues account ID. As part of this step, they will provide you with documents to review and sign.
2. To protect your data, you must implement Identity Verification and review and adopt any relevant security features described in the Shared Responsibility Model for Security and Privacy.
3. You will need to sign the agreements provided by Appcues, including the Appcues Business Associate Agreement (BAA) and the Appcues Business Associate Addendum. If you have a preferred BAA, Appcues can sign it, but even in that case you must also sign the Appcues Business Associate Addendum.
4. Once steps 1-3 are complete, the Appcues team can configure your account to be HIPAA compliant.
5. Once configured, Appcues will sign and return your BAA, signaling that your account is fully HIPAA compliant to process PHI.

What is the Appcues Business Associate Addendum?

Under HIPAA regulations, SaaS providers such as Appcues are considered business associates. The Business Associate Addendum is an Appcues contract that is required by Appcues to ensure that Appcues can appropriately safeguard protected health information (PHI). The Addendum also clarifies and limits, as appropriate, the permissible uses and disclosures of PHI by Appcues, based on the relationship between Appcues and our customers and the activities or services being performed by Appcues.

More Information

Appcues has a comprehensive security program that is documented in our Trust Center. You can find the answers to many common HIPAA questions in our Trust Center FAQ.
