5 things to know about Salesforce, HIPAA, and data security

by Paul B. Stevenson, MPA, CPA

When you work in the healthcare industry, everything you do revolves around HIPAA compliance. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a prescriptive set of security standards and requirements intended to protect patient data. HIPAA is so critically important, in fact, that healthcare organizations tend to shy away from newer technologies, especially cloud-based solutions. To this day, fewer than half of healthcare IT professionals report being comfortable using cloud-based solutions, and only 30% have a strategy in place to move their organization’s data to the cloud, according to a 2018 survey assessing healthcare IT professionals’ attitudes toward cloud-based solutions.

But the healthcare industry is changing fast—and increasingly demanding next-generation, cloud-based technology solutions. As healthcare organizations pursue cloud technology, they’re finding that Salesforce has developed a product specifically to meet HIPAA’s exacting requirements for compliance, security, governance, and data reporting. Salesforce’s Health Cloud includes much more than just standard Salesforce security features, like two-factor authentication, IP login restrictions, login history, and fine-grained sharing. Let’s explore five unique aspects of Health Cloud that exemplify Salesforce’s commitment to HIPAA compliance and data security:


1. Private patient communities provide secure collaboration: Salesforce has mastered the art of building robust, engaged communities that are accessible from any device. Salesforce Health Cloud uses this core community-building platform as the basis for promoting collaboration among all of the providers in a patient’s care network. But this platform also has been customized with carefully tailored features designed specifically for the healthcare industry. Every patient in Health Cloud is assigned a private community to which members are added and given defined roles, such as care coordinator, primary physician, and caregiver. From within this private community, community members can view care plans, get answers to common questions, ask patients to fill out forms in advance, and communicate with one another. Significantly, these communications can be done privately, so a physician can message a caregiver, for example, and no one else in the patient’s community will be able to see these communications. Then, when a community member is no longer involved in the patient’s care, they can…



Want to keep reading? Download the complete ebook, Everything You Need to Know About Health Cloud, today!


Paul Stevenson

Paul is Simplus’ Subject Matter Expert in HLS CRM Strategy. An expert with deep CRM experience in healthcare, telecom, distribution, and financial segments, Paul is a consultant who drives CRM innovations to clear a path for growth in revenue and operational efficiency. He has hands-on experience in developing, marketing, and selling CRM Apps and is a proven project leader with skills to lead CRM integrations with payer, provider, telecom, and proprietary operational and financial information systems.
