Acquia DAM meets the rigorous requirements of Health Insurance Portability and Accountability Act (HIPAA). This includes the Portals, Workflow, Entries, Insights, and Templates apps. While Acquia DAM is not intended to store private health information (PHI) assets directly, HIPAA readiness ensures that PHI stored as DAM metadata is protected, secure, and adhering to HIPAA guidelines.
Acquia signs Business Associate Agreements (BAAs) with customers in and around the healthcare and wellness industries.
FAQs¶
Will I pay more for HIPAA readiness? ¶
To offer and maintain HIPAA readiness, Acquia completes annual audits, training, data encryption and protection, and more to support HIPAA requirements.
We charge a nominal fee to our customers who require HIPAA readiness, so we can continue offering these capabilities in the future.
When did Acquia DAM become HIPAA-ready?¶
DAM became HIPAA-ready in 2024.
How did you determine HIPAA readiness? ¶
Acquia performed an extensive HIPAA-readiness assessment to confirm that the Acquia DAM conforms to and aligns with HIPAA’s privacy requirements. DAM was also audited by an external, independent team to confirm Acquia DAM meets HIPAA's standards for ethical and secure data management practices.
Is Acquia DAM an electronic health record (EHR) system? ¶
No. Acquia DAM is not intended to store PHI assets directly.
Please reach out to your account rep or [email protected] with any outstanding questions or needs.