XTRA is now HIPAA compliant!

#Trust is key in any relationship, even more so when it involves sensitive health data about a user.

In most Computer Vision-powered Movement Tracking applications, users’ movements need to be recorded through a camera, which can be a daunting experience for users: Who has access to my video feed? What happens to my data? What information is collected about me and where is it stored?

At XTRA, while we will never store any video feed of our users, data security remains a fundamental topic for our partners and their community of users. That is why we decided to become HIPAA compliant.

What is HIPAA and how do you get certified?

HIPAA, “The Health Insurance Portability and Accountability Act”, is a federal law in the United States that requires certified companies to adhere to strict national standards to protect a patient's sensitive health information from being shared without consent or prior knowledge. In order to get certified, companies need to demonstrate their ability to deal with sensitive health information in a manner compliant with the rules enforced by the U.S. Department of Health and Human Services (HHS).

 

We used a company called Compliancy Group to help us with the process. Over a period of a couple of months, we had to:

  1. Implement written policies, procedures, and standards of conduct to comply with HIPAA regulatory standards
  2. Conduct effective trainings and internal monitoring and audits on a yearly basis
  3. Enforce standards through publicized disciplinary guidelines for how we manage the data

 

With this achievement, XTRA is now better equipped to handle our partners' sensitive health information. This is an important milestone in showing our stakeholders the emphasis we put on #Trust.