PowerSync Cloud Is Now HIPAA Compliant

Conrad Hofmeyr

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law that protects the privacy and security of individuals’ health information. Companies building applications that handle healthcare data must comply with HIPAA.

Background

Since we launched PowerSync, we’ve received a bunch of requests to support HIPAA on PowerSync Cloud. Up till now, we’ve recommended to these customers that they should self-host PowerSync. But starting now, PowerSync Cloud is also a compliant option.

We have been SOC 2 Type 2 audited for several years now, so adding additional controls required for HIPAA compliance was luckily not a heavy lift. We were also able to work with our existing SOC 2 auditing firm to expand the scope of our annual compliance audit to cover HIPAA. 

Build Healthcare Apps with PowerSync

We have a shared responsibility model when it comes to HIPAA compliance. The detailed breakdown of customer responsibilities vs. PowerSync responsibilities can be found in our documentation here.

If you want to start developing healthcare apps using PowerSync, the first step is to get in touch with us to sign a Business Associate Agreement (BAA). To request a BAA, email us at hello@powersync.com.