5 things to know about Salesforce, HIPAA, and data security

by Paul B. Stevenson, MPA, CPA

When you work in the healthcare industry, everything you do revolves around HIPAA compliance. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a prescriptive set of security standards and requirements intended to protect patient data. HIPAA is so critically important, in fact, that healthcare organizations tend to shy away from newer technologies, especially cloud-based solutions. To this day, fewer than half of healthcare IT professionals report being comfortable using cloud-based solutions, and only 30% have a strategy in place to move their organization’s data to the cloud, according to a 2018 survey assessing healthcare IT professionals’ attitudes toward cloud-based solutions.

But the healthcare industry is changing fast—and increasingly demanding next-generation, cloud-based technology solutions. As healthcare organizations pursue cloud technology, they’re finding that Salesforce has developed a product specifically to meet HIPAA’s exacting requirements for compliance, security, governance, and data reporting. Salesforce’s Health Cloud includes much more than just standard Salesforce security features, like two-factor authentication, IP login restrictions, login history, and fine-grained sharing. Let’s explore five unique aspects of Health Cloud that exemplify Salesforce’s commitment to HIPAA compliance and data security:


1. Private patient communities provide secure collaboration: Salesforce has mastered the art of building robust, engaged communities that are accessible from any device. Salesforce Health Cloud uses this core community-building platform as the basis for promoting collaboration among all of the providers in a patient’s care network. But this platform also has been customized with carefully tailored features designed specifically for the healthcare industry. Every patient in Health Cloud is assigned a private community to which members are added and given defined roles, such as care coordinator, primary physician, and caregiver. From within this private community, community members can view care plans, get answers to common questions, ask patients to fill out forms in advance, and communicate with one another. Significantly, these communications can be done privately, so a physician can message a caregiver, for example, and no one else in the patient’s community will be able to see these communications. Then, when a community member is no longer involved in the patient’s care, they can…



Want to keep reading? Download the complete ebook, Everything You Need to Know About Health Cloud, today!


Paul Stevenson

Paul is Simplus’ Subject Matter Expert in HLS CRM Strategy. An expert with deep CRM experience in healthcare, telecom, distribution, and financial segments, Paul is a consultant who drives CRM innovations to clear a path for growth in revenue and operational efficiency. He has hands-on experience in developing, marketing, and selling CRM Apps and is a proven project leader with skills to lead CRM integrations with payer, provider, telecom, and proprietary operational and financial information systems.
