HIPAA-enabled CMS
Describes the differences and the features that are excluded from a HIPAA-enabled CMS (SaaS).
A HIPAA-enabled CMS complies with HIPAA regulations, which are essential for healthcare organizations and businesses that handle Protected Health Information (PHI). Optimizely CMS includes auditing and security measures to protect patient data and ensure privacy.
Note
This content applies also to the PaaS Portal and Deployment API.
Important
A HIPAA-enabled CMS is not compatible with other non-HIPAA enabled Optimizely products. Data exchange outside the platform is only allowed with other HIPAA-enabled integrations, ensuring that all data handling remains compliant. You must ensure any integrations or additional tools you use are also HIPAA-compliant.
Features and third-party integrations in CMS that are not HIPAA-compliant are modified or restricted to ensure that data exchanges are secure and compliant. The following features are excluded from CMS (PaaS and SaaS) for HIPAA compliance:
- SendGrid SMTP
- Production database exports
- Content sync-down
- Edge log exports
- Ability to start a project migration
Differences between standard and HIPAA-enabled CMS offerings
The following table compares the standard and HIPAA-enabled CMS with specific capabilities and benefits relevant to healthcare organizations:
Aspect | Standard CMS | HIPAA-enabled CMS |
---|---|---|
Compliance and security | Standard security measures | Additional auditing and security for HIPAA compliance |
Feature and integration restrictions | Full feature and integration availability | Certain features and integrations restricted for HIPAA compliance |
Data exchange | Flexible data exchange options | Data exchange only with HIPAA-enabled integrations |
Exclusions in PaaS & SaaS | Features like SendGrid SMTP, database exports, and so on, are available | Excludes SendGrid SMTP, database exports, content sync-down, edge log exports, and project migration |
Compatibility | Compatible with a wide range of Optimizely products | Not compatible with non-HIPAA enabled Optimizely products |
Capabilities and benefits | General content management capabilities | Delivers personalized experiences based on health needs and history. Tests content, layouts, and campaigns for effectiveness. Provides analytics and insights into performance and behavior |
Updated about 10 hours ago