HIPAA Compliant Surveys

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) addresses the use and disclosure of “protected health information” by organizations subject to the Privacy Rule, called “covered entities,” and sets standards for individuals' privacy rights to understand and control how their health information is used. The motive behind this act is to ensure that an individual's health information is properly protected. At the same time, the law ensures that the flow of health information required to elevate high-quality healthcare does not adversely affect the public’s health and well-being. The privacy act is designed to be comprehensive and flexible, covering the variety of uses and disclosures that need to be addressed.

The law applies to the healthcare industry as a whole, but any entity or third-party institution involved in using or distributing healthcare data also needs to comply with the HIPAA guidelines.

QuestionPro is an online survey platform that is widely used and favored by many global health institutes. In most instances, collecting, distributing, and analyzing data are the major ingredients of an online survey tool, and QuestionPro is no different. Moreover, chances are high that the majority of surveys conducted by hospitals or similar health institutes contain the Protected Health Information (PHI) of a patient. Although we comply with all the major data theft prevention, data privacy, and data sharing laws, we believe our clients play an equal and important role in sending, storing, and handling sensitive healthcare data in a way that ensures full compliance with the HIPAA regulations.

Guidelines for HIPAA Compliance

Different healthcare institutes use surveys for different purposes. Therefore, we have documented a set of guidelines that will help such covered entities to comply with the HIPAA Act.
  • If your research intends to cover patients, you are requested to collect patient feedback in a secure manner.
  • At the time of asking for patient registration information, ensure you are not breaching the PHI rules.
  • As far as possible, conduct all healthcare-related surveys confidentially and discreetly.
  • All the sources through which you will be collecting the healthcare data must be reliable.
  • Ensure all mobile surveys are forwarded with proper SSL/TLS encryption.
  • Do not share or provide inappropriate access to any of your healthcare survey data.
  • Limit access and monitor account activity logs to ensure no unethical data sharing takes place.


We are committed to working with individuals to obtain a fair resolution to all complaints or disputes about HIPAA and PHI. Our commitment to privacy is demonstrated and documented by our internal Privacy Compliance Officer and by our adherence to the applicable laws and codes. If you have any complaints or concerns about our HIPAA Compliance, you can contact

United States of America: +1 (800) 531 0228
United Kingdom: +44 20 8080 9780
Australia: +61 2 8074 5080
Fax: +1 (206) 260-3243