Hipaa compliance

Welcome to the ActivePrime Blog

In our blog, you’ll find helpful and informative posts dedicated to improving CRM performance and usability. Our topics include deep dives on the technical aspects of CRMs like searching and data quality. You’ll also find insightful posts about user productivity and adoption.

How to Ensure HIPAA Compliance for Your CRM System

How to Ensure HIPAA Compliance for Your CRM System

START WITH ASSET CLASSIFICATION

Not all CRM data falls under HIPAA guidelines. The purpose of asset classification is to ensure a clear policy is in place for classifying data. Classifications are not defined by HIPAA, they are company specific. For instance, an organization may decide to classify CRM data into public data, private data, critical data, and protected data. In this definition protected data would be actual data requiring protection under HIPAA. Each CRM system data asset within an organization would be classified by the security team and typically assigned an owner. The owner is an individual responsible for ensuring the private data is appropriately protected.