Skip to content

HubSpot announces HIPAA-compliant tools in public beta

  • Health

Healthcare companies and providers can now store HIPAA-protected data in the HubSpot customer relationship management platform to automate workflows, connect teams with closed-loop reporting and create campaigns with personalized information, the company said Tuesday.

WHY IT MATTERS

Support for storing sensitive data in HubSpot is now available globally with HIPAA-compliant tools available in public beta. Enterprise customers can enable these features in their Privacy & Consent settings, the company said in an announcement.

Since HubSpot was not previously HIPAA compliant as a standalone customer relationship management system, use cases for enhancing healthcare patient engagement with the inbound marketing, content management and operations platform have been limited. 

Enterprises managing compliance with privacy rules could piece together point solutions to get a single view of their customer, but the patchwork approach could disconnect teams and result in jumpy customer experiences.

While there were reportedly work-arounds that could make HubSpot HIPAA compliant, which typically involved using a CRM extension that was hosted separately and plugged into the HubSpot dashboard, many healthcare organizations opted for a HIPAA-compliant CRM. 

The ability to store protected healthcare information in a compliant manner now opens the door for providers and others to implement the HubSpot platform, said Jan Beery, president of global life sciences at Atypical Digital in a statement.

Beery said that Atypical has helped healthcare organizations implement HubSpot and has seen the impact unified data has on business growth.

By storing confidential customer data in HubSpot’s Smart CRM, health systems and others can use it for lead generation and automate marketing campaigns without work-arounds to stay in compliance and ensure the safety of PHI.

THE LARGER TREND

Provider operations that want to improve patient retention and grow their practices look to customizing healthcare consumer experiences to increase appointments and improve lead generation and patient experiences.

Personalized patient engagement relies on patient experience data, such as surveys and feedback, to better understand where patients, as consumers, are in their healthcare journey. 

Such efforts could get muddled in provider back offices and with website marketing tools that use online-tracking technology to get data about online patients, making HIPAA-compliant tools and processes a must for balancing marketing and privacy requirements.

In the case of online marketing tools, sharing protected health information with vendors without consent is considered an unauthorized disclosure for U.S. Health and Human Services, but some in the industry argue that connecting IP addresses of user devices to providers’ online patient education materials is not individually identifiable health information. There are currently cases against providers in court that could influence how the situation will play out. 

The nexus of technology and HIPAA compliance has evolved, however. In February, for instance, the Centers for Medicare clarified HIPAA compliance for texting by employees at critical access hospitals. 

In a memo, CMS acknowledged “significant improvements in the encryption and application interface capabilities of texting platforms to transfer data into electronic health records.”

ON THE RECORD

“Storing sensitive data in HubSpot has been the top customer request across industries,” said Andy Pitre, executive vice president of product at HubSpot. “It not only strengthens the Smart CRM as the single source of truth for customer data, it means businesses no longer need to piece together solutions just to have a single view of their customer.”

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS Media publication.

Leave a Reply

Your email address will not be published. Required fields are marked *