Socialmade LLC partners with HighLevel, utilizing its software solutions for all our services. Both Socialmade LLC and HighLevel are 100% HIPAA-compliant, ensuring the secure handling of sensitive health information.

What is HIPAA?

HIPAA, or the Health Insurance Portability and Accountability Act of 1996, is U.S. legislation enacted to safeguard medical information through strict data privacy and security provisions. Signed into law by President Bill Clinton on August 21, 1996, HIPAA includes five titles:

Title I: Health Insurance Reform

Title II: Administrative Simplification

Title III: Tax-Related Health Provisions

Title IV: Application and Enforcement of Group Health Plan Requirements

Title V: Revenue Offsets

For most online marketing contexts, HIPAA compliance refers to adhering to

Title II requirements, which are particularly relevant for handling patient data.

Title II: HIPAA Administrative Simplification Provisions

Title II mandates specific compliance requirements, including:

National Provider Identifier Standard: Every healthcare entity, including individuals, employers, health plans, and providers, must have a unique 10-digit identifier, known as an NPI.

Transactions and Code Set Standard:

Healthcare organizations must follow standardized electronic data interchange (EDI) processes to submit and process insurance claims.HIPAA Privacy Rule: This rule sets national standards for protecting patient health information.HIPAA Security Rule: It establishes standards to secure electronic protected health information.HIPAA Enforcement Rule: This rule provides guidelines for investigating HIPAA compliance violations.

In our relationship with HighLevel and client Practices, two key requirements are particularly relevant: the HIPAA Privacy Rule and the HIPAA Security Rule

.

HighLevel Compliance

In HIPAA terms, the Practice (client) is the “covered entity,” while HighLevel and Socialmade LLC are “HIPAA Business Associates.” HighLevel has collaborated with The Compliancy Group to ensure full adherence to HIPAA Privacy and Security Rules, allowing us to sign Business Associate Agreements (BAAs) with our clients.

For maximum security and compliance, your agency must also meet HIPAA Title II standards. This enables you to offer a BAA to your clients as well, ensuring the full protection of all patient data handled on behalf of your Practice. Contact us if you'd like information about The Compliancy Group to assist in achieving full compliance.

Data Security

Our database automatically encrypts all data before writing it to disk—no configuration required. Data is transparently decrypted only for authorized users.

We use server-side encryption managed by Google’s hardened key management systems, which includes strict key access controls and regular auditing. Each database object is encrypted with 256-bit AES, and encryption keys are further secured through a regularly rotated master key system.

For more information on HighLevel’s HIPAA compliance, please click here.