HIPAA at Airtable
Airtable enables our customers to utilize our solution in compliance with the Health Insurance Portability and Accountability Act (HIPAA). This page gives an overview of our HIPAA program and related offerings. Please see the HIPAA Datasheet below to learn more about how Airtable supports HIPAA compliance.
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a United States federal law that establishes standards to protect the privacy and security of protected health information. This includes requirements to maintain reasonable and appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information (ePHI).
Three HIPAA Rules Establish Standards for Protecting Individuals’ Health Information
At Airtable, our product is designed to adhere to the three HIPAA Rules (Privacy, Security, and Breach Notification) so that our customers can use our service in a HIPAA-compliant manner.
The HIPAA Privacy Rule establishes standards to protect individuals’ identifiable health information including “electronic protected health information” and standardizes appropriate safeguards to protect the privacy of this information and limit the conditions on its usage and disclosure. For more information, please see: HIPAA Privacy Rule.
The HIPAA Security Rule establishes standards to protect individuals’ electronic protected health information and requires appropriate administrative, physical, and technical safeguards to maintain the confidentiality, integrity, and security of the electronic protected health information. For more information, please see: HIPAA Security Rule.
The HIPAA Breach Notification Rule establishes guidelines to ensure that HIPAA Covered Entities and their Business Associates provide appropriate notifications following a breach of unsecured electronic protected health information. For more information, please see: HIPAA Breach Notification Rule.
Airtable Offerings to Support HIPAA
HIPAA is available on our Enterprise Scale Plan, and customers will need to sign Airtable’s Business Associate Addendum. Additionally, we provide our Enterprise Scale customers with the following offerings to support their organization's HIPAA compliance.
Enterprise Key Management
Airtable's EKM offering allows you to encrypt your organization’s applications using keys you own. For additional information on EKM, please navigate to this page.
Data Loss Prevention (DLP)
Airtable provides a set of APIs that integrate with data loss prevention (DLP) providers, allowing companies to proactively monitor and manage their sensitive data hosted on Airtable. For additional information on DLP, please navigate to this page.
Enterprise Single Sign-On (SSO)
Single sign-on (SSO) allows users to log in to many websites or apps with one set of login details. For more information on enablement of SSO within Airtable's admin panel, please navigate to this page.
Enterprise Audit Logs
Enterprise audit logs allow admins to monitor activity within their organizations. For additional information on accessing Audit Logs in the admin panel, please navigate to this page.
Ensuring Compliance with HIPAA
Please see the HIPAA Datasheet for a comprehensive guide to the Airtable functionality that aligns with HIPAA.