Drata announces automated HIPAA compliance to safeguard protected health information

Drata released its automated HIPAA compliance, empowering companies to comply with the federal law addressing protected health information (PHI).

HIPAA is the third addition to Drata’s framework offering, joining SOC 2 compliance and ISO 27001 certification, in less than a year since Drata’s public launch.

The addition of HIPAA reflects Drata’s continued commitment in helping customers safeguard PHI. This latest launch grants existing and future customers peace of mind that they are adequately protecting customer data while also complying with the law.

“Compliance is a critical piece to building trust with customers, and that’s especially true when handling protected health information,” said Adam Markowitz, Drata Co-Founder and CEO. “The addition of HIPAA to Drata’s platform is centered around that trust and helping companies navigate this complex regulation and keep sensitive health data safe.”

Drata automates the path to HIPAA compliance to ease and simplify the time-intensive process while helping companies establish much-needed trust from customers, partners, and prospects around their data. The addition of HIPAA to Drata’s compliance automation platform brings an embedded complementary HIPAA security training as well as several new HIPAA-focused policy templates to Drata’s already extensive library.

And, existing customers who have achieved SOC 2 compliance or ISO 27001 certification with Drata may see up to 81% or 75% of its respective controls apply to HIPAA, further expediting the process.

This announcement comes on the heels of Drata’s recent $100M Series B financing round, which cemented its position as one of the fastest companies to ever achieve unicorn status. With the HIPAA addition, Drata will continue to build out additional frameworks and features that will deepen automation and make achieving and maintaining compliance accessible for companies of all sizes.