HIPAA Information

Understanding HIPAA compliance and how RxAI supports your regulatory requirements.

Important: No Official HIPAA Certification

HIPAA has no official certification program. There is no government body or agency that "certifies" HIPAA compliance. Instead, covered entities and business associates must implement appropriate administrative, physical, and technical safeguards to protect protected health information (PHI).

How RxAI Supports HIPAA Requirements

Administrative Safeguards

  • Security officer designated
  • Workforce training programs
  • Access management procedures
  • Business Associate Agreements
  • Incident response procedures

Technical Safeguards

  • Encryption in transit and at rest
  • Access controls and authentication
  • Audit logs and monitoring
  • Automatic logoff
  • Data integrity controls

Business Associate Agreements (BAAs)

What is a BAA?

A Business Associate Agreement is a contract required by HIPAA between a covered entity and a business associate that handles PHI.

When You Need a BAA

  • Processing prescription information
  • Storing patient identifiers
  • Video logs containing PHI
  • Analytics on patient data

RxAI BAA Coverage

We sign BAAs with all Enterprise customers who handle PHI through our platform.

BAA Includes

  • Permitted uses and disclosures
  • Safeguard requirements
  • Incident notification procedures
  • Data retention and deletion
  • Subcontractor agreements

Your HIPAA Responsibilities

As a covered entity, you remain responsible for:

  • Ensuring RxAI is used only for permitted purposes
  • Training staff on HIPAA requirements
  • Implementing your own administrative safeguards
  • Reporting any suspected breaches
  • Maintaining documentation of HIPAA compliance efforts

Free Mobile App Considerations

The free RxAI mobile app stores data locally on your device. Consider these HIPAA factors:

Lower Risk Features

  • Basic pill counting (no patient data)
  • Local-only storage
  • No cloud synchronization
  • Device-level encryption

Higher Risk Scenarios

  • Photographing prescription labels
  • Recording patient identifiers
  • Shared or unencrypted devices
  • Unsecured device backups

Need HIPAA Guidance?

Our team can help you understand how RxAI fits into your HIPAA compliance program.