Blancco Is HIPAA Compliant

Jul 19, 2022 Blog Article

We’re pleased to announce that Blancco company processes around data lifecycle management are certified to be HIPAA compliant. What does this mean for you, our customer? Read on… 

George Janssen, Blancco Group Legal Counsel

George Janssen George Janssen heads up the Blancco Technology Group legal department, a position he’s held since 2018. In this role, George is responsible for the day-to-day legal operations of the Blancco group worldwide, including data privacy and compliance. With significant legal experience in international organizations focused on technology and software, George specializes in data privacy and data governance, data classification, intellectual property management and technology partnership.

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996, or “HIPAA,” is a U.S. law that protects individual privacy around healthcare data.

It includes national processes and security standards around electronic healthcare transactions and applies to health plans, healthcare clearinghouses, and healthcare providers that transmit certain health information in electronic form. It also applies to certain business associates (source).

One of the primary purposes of the Health Insurance Portability and Accountability Act is to provide federal privacy protections for individually identifiable health information and electronic personal health information (e-PHI).

How is Blancco HIPAA Compliant? 

As a company, we are committed to taking all appropriate data privacy and information security steps to protect PHI.  In addition, while we do not process any customer personal health information (PHI), this data can reside in the networks and hardware of Blancco’s data erasure customers.   

Related Reading: Leading Healthcare Institution Goes C02Neutral While Guaranteeing Data Sanitization

In 2022, Blancco leadership submitted the company to a HIPAA compliance check.  This HIPAA compliance check covered how we as business associates (or sub-contractors of business associates) manage our processes regarding our customers’ health care data. It also reviewed Blancco’s information security practices, privacy standards, and how we operate overall. As part of the HIPAA compliance certification, we also incorporated HIPAA training for key members of our North American sales team.   

The result is that our company “has been verified and validated” to have completed the requirements and documentation proving our good faith efforts, earning a Compliancy Group HIPAA Seal of Compliance.  

Blancco’s HIPAA Seal of Compliance Certificate from Compliancy Group, effective May 31, 2011 – May 31, 2023

HIPAA Compliance Requires Data Sanitization 

There are several components involved in HIPAA Compliance, and Blancco data erasure solutions assist organizations with two specific parts: the HIPAA Privacy Rule and the HIPAA Security Rule.  

Our solution brief, How Does Blancco Help Organizations Achieve HIPAA Compliance?, goes into detail, but essentially, these two Rules direct organizations on safeguarding the confidentiality, integrity, and availability of protected health information, including destroying such information when it is no longer needed.   

Software-based data sanitization, particularly when deployed automatically through policy-based rules, ensures that no-longer-needed information cannot be breached.  

Blancco solutions have been tested, certified, and approved for compliance with the most rigorous data protection standards. Our Certifications

What Does Blancco’s HIPAA Certification Mean for You? 

While becoming HIPAA compliant may sound daunting, our HIPAA-specific training, in addition to the information security and data privacy knowledge already in place, gives our team a solid understanding of where data erasure fits into helping you meet or exceed health care data protection requirements.   

Also, our team regularly reviews our data privacy and information security processes for the protection of our own employees, our business and our customers. HIPAA compliance is one way we demonstrate that our operations are in line with U.S. information security and data privacy principles.  

Globally, our ISO 9001 certification provides proof that we consistently offer products and services that meet stringent regulatory requirements. Our ISO 27001 accreditation highlights how to operate an excellent information security management system.  

Given the business we’re in, these processes are critical for our professional integrity. They’re also critical for ensuring that Blancco customers receive best-in-class products from a company that follows the data protection and privacy principles it advocates.  

Need to be HIPAA Compliant?

Download “How Does Blancco Help Organizations Achieve HIPAA Compliance?” to learn more about the best data erasure products on the market.