HIPAA Compliance

Last Updated: March 15, 2026

Introduction

This page aims to clarify Abgrat's relationship with the Health Insurance Portability and Accountability Act (HIPAA) and explain:

  • ✅ Whether HIPAA applies to Abgrat
  • ✅ How we protect health information
  • ✅ What this means for you as a user
  • ✅ Your obligations and responsibilities

Important Legal Disclaimer

This clarification is for informational purposes only and does not constitute legal advice. If you are a healthcare professional or HIPAA-covered entity, consult your legal advisor, review your HIPAA obligations, and ensure compliance with all applicable laws.

What is HIPAA?

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a US federal law that protects the privacy and security of health information.

Key Components of HIPAA

1. Privacy Rule

Establishes national standards for protecting health information, governs the use and disclosure of Protected Health Information (PHI), and gives individuals rights over their health information.

2. Security Rule

Sets standards for protecting electronic PHI (ePHI), requires administrative, physical, and technical safeguards, and ensures confidentiality, integrity, and availability.

3. Breach Notification Rule

Requires notification of unsecured PHI breaches, specifies notification timelines, and determines who must be notified.

4. Enforcement Rule

Specifies procedures and penalties for violations, is enforced by HHS, and can result in civil and criminal fines.

5. Business Associate Rule

Extends HIPAA requirements to business partners, requires Business Associate Agreements (BAAs), and holds business associates directly responsible.

Is Abgrat a Covered Entity Under HIPAA?

No, Abgrat is not a HIPAA-covered entity

Abgrat is a direct-to-consumer health information platform. It is:

  • ❌ Not a healthcare provider
  • ❌ Not a health plan
  • ❌ Not a healthcare clearinghouse

Abgrat is also not a business associate because we do not operate on behalf of covered entities; we interact directly with consumers and collect information that users provide voluntarily.

Our HIPAA-Compliant Approach

Although HIPAA does not legally apply to us, we voluntarily adhere to HIPAA standards as best practices.

Why We Follow HIPAA Standards

  • 1️⃣ Stronger User Protection
  • 2️⃣ Building Trust
  • 3️⃣ Future Readiness
  • 4️⃣ Operational Excellence

Standards We Apply

  • ✅ Technical Safeguards
  • ✅ Administrative Safeguards
  • ✅ Physical Safeguards

Technical Safeguards

Access Control

  • Unique user identifiers
  • Emergency procedures
  • Automatic termination
  • Encryption

Audit Controls

  • Comprehensive logging
  • Regular reviews
  • 6-year retention

Integrity Controls

  • Authentication mechanisms
  • Tamper protection
  • Regular backups

Transmission Security

  • TLS 1.3 protection
  • End-to-end encryption
  • Trusted certificates

Contact Us

  • Compliance Questions
  • Privacy Questions
  • Security Questions
  • General Support

This clarification is for informational purposes only and does not constitute legal advice. Consult an attorney for specific guidance on HIPAA compliance.

Last Updated: March 15, 2026
Version: 2.0
© 2026 Abgrat. All rights reserved.