The reach of Information Technology has extended into most domains and fields of human activity, ranging from automation to weather forecasting. But one of the most important fields where IT has created a revolution is medicine. Technology has certainly defined the narrow line of control between life and death by improving the quality of service and minimizing the delay in providing this service. This trend further increased the usage of technology in hospitals and among other medical practitioners. In the United States, Information Technology intervention in the field of medicine was so widespread in the 90’s that the Government decided to introduce new norms and regulations. This gave rise to The Health Insurance Portability and Accountability Act.

The Health Insurance Portability and Accountability Act or HIPAA was formulated in 1996 by the United States Congress under the leadership of President Bill Clinton. HIPAA sets out a list of rules, regulations and norms that need to be followed in software used in medical institutions. The rules state specific conditions that need to be satisfied while using medical information of the citizens of the country. HIPAA generalized all these rules in order to make the process simple for software developers and cloud service providers who may work with medical data of citizens. HIPAA has two sections which are called Title I and Title II. Title I includes rules and regulations which are aimed at protecting and safeguarding the rights of employees with respect to insurance policies and claims. Title II deals with integrity and security of medical health records, privacy policies and other information security norms. Apart from these, we have a few more titles which are considered equally important as the first two.

HIPAA norms have been formulated considering the following points in focus:

  • Integrity of medical information
  • Security of medical information
  • Security of patient interest
  • Enforcement of right of privacy

HIPAA norms have to be verified and followed in both the software development aspect and the back-end or database side (where the information is actually stored). So, the software vendor or IT service provider has to ensure that:

  • Coding standards, algorithms and process flow do not violate any HIPAA compliance norms
  • The backend database architecture and security policies satisfy HIPAA criteria


It is advised that all IT service providers or any person using any medical information should make sure that the system that is using the medical information is 100% HIPAA compliant. The failure to do so will lead to serious legal consequences. Presently, we have a couple of companies who provide assistance and support related to HIPAA compliance.

HIPAA has surely increased and affirmed the need and availability of privacy and security for medical information and patient details. This wonderful technology is currently active in the US but it has a huge scope around the world. Let us hope we will see this trend soon in other countries as well.

We have the experience to help ensure your Salesforce CRM is HIPAA compliant. Learn how Cirrius Solutions can help you today.