Help

Re: HIPAA Compliant and Business Associate Agreements

3699 3
cancel
Showing results for 
Search instead for 
Did you mean: 
rick_willever
5 - Automation Enthusiast
5 - Automation Enthusiast

While Airtable does EVERYTHING we need it to do – we can’t use it because it is not Hipaa compliant . Can anyone recommend another platform as good as Airtable?

We have a very simple flat database used for tracking surgical data

There are 15+ fields
Some text fields
Two date fields
Several combo Felds
Several check box fields
** One attachment field that can accommodate multiple attachments **

We have multiple views to look at the database and allow users to EASILY filter by DR and date, and edit/print the records.

We would like to be able to customize the input form more – but it is great that it accessible from all the different views

The search capability from multiple views is nice too.

The ability to see many fields in the horizontal view is great and the ability when printing to shrink the font size to fit data horizontally is huge.

The database needs to handle 5-10 GB of data and we need an easy way to move older records to another database.

** The database needs to be Hipaa compliant and we would like to sign a BAA **

The database will be used in our three offices over our office to office VPNs, but we have another office outside the firewall that needs access too. We could add the other office to the in house network, if there is a good in house product that works.

We have looked at a number of the Airtable competitors and some lack the Hipaa certification and others are light years behind what Airtable can do.

Please let me know if you know of another good solution.

7 Replies 7

Welcome to the community, @rick_willever.

You are correct that Airtable is not HIPAA compliant, but FileMaker Pro (in my opinion, the world’s greatest database platform) is fully HIPAA compliant, as long as you have a smart developer who properly enables all the HIPAA-compliant features.

If you contact me through my website at scottworld.com, I will put you in touch with my HIPAA-enlightened colleagues who can help get you setup.

Yep. Google Tables is fully compliant and they will sign a BAA, but it has a lot of weaknesses.

Just to be clear, you plan to store personally identifiable information, right?

Yes, we need to store PHI – Google Tables does look interesting.

thanks,

Rick,

I suspected as much - I do have a number of healthcare clients on Airtable but only because we neutered the data of PHI and where impossible to do so, we encrypted anything that included PHI using this approach.

This is not easy to do, but as you point out, there are excellent reasons to consider Airtable.

One alternative - a hybrid:

  • For all things PHI; use Google Tables as a veneer to its native table objects, spreadsheets, documents, and even Firebase (for large data sets at rest).
  • Firebase is fully HIPAA-compliant and Google will sign the BAA as it will for Drive, Documents, and Sheets.
  • For all things non-PHI or operational in nature, use Airtable but incorporate PHI data and documents by reference (within the Google Workspaces security context), not by value. This allows users to enjoy the freedom and usability of Airtable but forces them to comply with HIPAA requirements by requiring security access into the actual place where PHI data and documents exist.

Google Tables is beta but seems to be getting some traction and the API is quite mature for something so young. It also has a true event architecture and works with the 85+ SDKs of the Google Cloud Platform. It’s clearly no Airtable but it is HIPAA-compliant and only $10/month/user.

This approach is not ideal, but it does have some advantages over some of the weaker systems you may have looked at.

Bill,

Am I missing something – I don’t see how you can print a grid in google tables – or is it just half baked?

Thanks,

Rick

I don’t recall this topic being about printing per-se. However…

Google Tables can be used as a reporting dashboard and central to a reporting process. The actual printing process typically requires the instantiation of a temporary sheet (or indirect transformation from say a presentation document template) that is then generated as a PDF document or whatever target is required.

To the best of my knowledge, there is no specific API methods in Tables for printing, but there should be, of course.

Example approach… this document was generated through a Tables process using a slide document transformed with Airtable data. I tend to use slides documents as templates because they support embedded charts that update dynamically as the data is infused directly from Airtable.

image