HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law that requires protected health information (PHI) to be safeguarded and securely maintained. Virtru's encryption and key management capabilities help organizations protect PHI and support HIPAA compliance.
Business Associate Agreement
For organizations subject to HIPAA requirements, Virtru provides a standard Business Associate Agreement (BAA) that defines our mutual responsibilities for protecting PHI. This legally required agreement ensures that Virtru maintains appropriate safeguards for your sensitive health data and complies with all applicable HIPAA regulations.
SOC 2 HIPAA Control Mapping
Virtru demonstrates how its Data Security Platform safeguards PHI by mapping HIPAA Security Rule requirements (defined by the U.S. Department of Health and Human Services) to related SOC 2 controls. This mapping can be found in Section 5 of our SOC 2 report, available upon request.