Understanding HIPAA Information Protection Requirements

HIPAA enforecement is changing. Are you ready?

Learn how the Health and Human Service's Office of Civil Rights has updated its enforcement of Information Protection Requirements.

What are HIPAA's Information Protection Requriements?

Any disclosures that fall outside of healthcare treatment, payments, operations and the provisioning of healthcare that are not explicitly consented to in writing would be inappropriate disclosures.

Intentions are irrelevant to PHI disclosures. All disclosure actions (intended or not) must abide by HIPAA Privacy Rule requirements.




Simply put, HIPAA requires us to prevent data breaches.

Contact us

Is TLS Sufficient?

No. TLS only provides data privacy as data moves between systems. It does not prevent data breaches when an adversary is inside your system.

Is Encryption-at-Rest Sufficient?

No. Encryption-at-Rest only protects your data on physical storage. It does not prevent data breaches when an adversary is inside your system.

E2E-Encryption Protects PHI for HIPAA

E2E-Encryption prevents data breaches by keeping PHI encrypted for its entire lifecycle, instead of just when it moves between systems (TLS) or resides on a persistence layer (Encryption-at-Rest).

Our team is experienced

And we’re here to help

Peacemakr is a drop-in E2E-Encryption solution, but it may not be obvious how it applies to your specific HIPAA Information Protection Requirements. We'd love an opportunity to work with your engineers on how you might best approach these requirements.