About the Coveo Cloud V2 HIPAA Platform

Logo-HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is an American law regarding, among other healthcare-related issues, medical record and personal data privacy. HIPAA security rules apply to healthcare organizations and their business associates, such as cloud service providers like Coveo.

In June 2017, the Coveo Cloud V2 platform successfully passed the HIPAA Compliance audit (see Coveo Cloud Platform Successfully Passes HIPAA Compliance Audit and SOC 2 Examination). This examination confirmed Coveo’s commitment to protect electronic personal health information (PHI) handled within its Cloud V2 platform and ensured that the platform infrastructure is built to do so. Coveo Cloud V2 platform administrators therefore only have limited access to the indexed content, which prevents potential privacy breaches. Moreover, the Coveo Cloud V2 HIPAA platform is hosted in a HIPAA-compliant environment. This environment offers more privacy, i.e., it is dedicated to Coveo’s HIPAA customers, and protected by additional security measures and access control procedures.

A few non-HIPAA compliant features cannot be made accessible to the Coveo Cloud V2 HIPAA platform users to ensure PHI cannot be exposed. The differences between the Coveo Cloud V2 HIPAA platform and the regular (non-HIPAA) platform are the following:

Point of difference Coveo Cloud V2 HIPAA Coveo Cloud V2
Address platformhipaa.cloud.coveo.com platform.cloud.coveo.com
HIPAA-compliant hosting environment
Log Browser feature
Search result cache

What’s Next?