Freshpaint
HomeLogin
Search…
Freshpaint Help Center
Getting Started
What is Freshpaint?
Web Quickstart Guide
React Native Quickstart Guide
iOS Quickstart Guide
Android Quickstart Guide
Building Out Your Account
Data Management
Overview of Features
Sources
Transformations
Event Library
Visual Tagger
Live View
Time Machine
HIPAA Mode
Projects & Environments
Advanced Options
Teams Page
Destinations
Frequently Asked Questions
How Do I Switchover From Segment?
Where do I find my Environment ID?
Is Freshpaint GDPR & CCPA Compliant?
Can I use transformations to anonymize data for client-side destinations?
How do I QA or debug my data?
Why Do My Numbers Differ Across Different Tools?
Billing: How Does Freshpaint Determine MTUs?
Can I Use Freshpaint on Multiple Sites?
How Can I Export Data From Freshpaint?
How Does Freshpaint Identify Users?
How Many Events Should I Create?
What Should I Name My Events?
How do I track scroll depth?
What Data Does Freshpaint Collect?
Does Freshpaint's Autotrack slow my site down?
Running Freshpaint with a Proxy
Should my Environment ID be treated as a sensitive key?
How Does Freshpaint Determine Session Count?
What is the difference between client-side and server-side connection mode?
Can I try Freshpaint locally?
Where can I view Freshpaint’s Status?
Developer Docs
Freshpaint Web SDK Reference
Freshpaint React Native SDK Reference
Freshpaint iOS SDK Reference
Freshpaint Android SDK Reference
HTTP API
Powered By GitBook
HIPAA Mode
Freshpaint provides several features to restrict and manage Protected Health Information (PHI) in your customer data.
When a destination is in HIPAA mode, the user identifiers attached to events are masked through ID Masking, and Enforced Allowlisting is applied to event properties.

Putting a destination into HIPAA Mode

A destination is in HIPAA Mode if its connection mode is "Server-side" and HIPAA features are enabled.
You can change these options on the destination's configuration page. You should always enable HIPAA mode unless you've signed a Business Associate Agreement (BAA) with the destination, or you won't be sending PHI to the destination.
A destination is in HIPAA mode if its Connection Mode is "server-side" and HIPAA features are enabled
Because HIPAA Mode features are applied to events on Freshpaint's servers, client-side destinations do not support HIPAA mode. As a result, destinations where HIPAA features are enabled and the connection mode is "Client-side" are invalid.
Destinations configured to restrict PHI that are set to the Client-Side connection mode are invalid

ID Masking

The ID Masking feature allows you to identify users in Freshpaint using a non-anonymized ID without sending the identifier to non-HIPAA compliant destinations. Freshpaint does this by hashing the user identifier before sending events to non-HIPAA compliant destinations. This anonymizes the user identifier, while still associating events with a single identified user and preserving functionality like identity resolution .

Enforced Allowlists

The Enforced Allowlists feature allows you to send properties classified as PHI to your HIPAA-compliant destinations, and send only non-PHI properties to non-HIPAA compliant destinations. Freshpaint does this by allowing you to specify a list of properties that are known to not contain PHI. Whenever Freshpaint sees an event or user property that is not in this allowlist, Freshpaint will remove the property before sending the event or identify request to non-HIPAA compliant destinations.
Add non-PHI properties to a project's allowlists to send them to non-HIPAA compliant destinations

Restricting PHI without HIPAA mode enabled

You may want to send events to a non-HIPAA compliant destination without applying ID Masking or Allowlists. This might be the case when:
  • You want to send events to a non-HIPAA compliant destination that only supports Client-side connection mode, so you need to disable HIPAA mode to use the client-side destination.
    • Example: you want to send data to Bing Ads, which only supports client-side connections.
  • You want to send events to a non-HIPAA compliant destination, and the destination needs the original user identifier, so you need to disable ID masking.
    • Example: you want to send events to your email marketing platform, and you need to preserve the user's email address.
PHI is the combination of Personal Identifiable Information (PII) and health information. Examples of PII include:
  • Names
  • IP Addresses
  • Non-anonymized user IDs
  • Emails
Examples of health information include:
  • Diagnoses
  • Treatment information
  • Medical test results
  • Prescription information
To avoid sending PHI to a non-HIPAA compliant destination, you must restrict PII, health information, or both. Note that this restriction is scoped to all API calls made for a user. For example:
  • You attach PII (but not health information) to an anonymous user in a destination with a Freshpaint.identify() API call
  • Later on, you send a Freshpaint.track() API call containing health information (but not PII) to the same destination for this anonymous user
You're still sending PHI to the destination, since the destination has received both PII and health information for the same user, even though this information was received in different requests.
When determining whether a destination may collect PHI, it's important to understand exactly what metadata and properties a destination collects, and whether these metadata and properties contain PII or health information.
For example, the Freshpaint Bing Ads destination collects IP addresses, Freshpaint event names, and page URLs (alongside other metadata). Because an IP address is PII, it's important to ensure the event names and page URLs collected by Bing Ads do not include health information.
If you're unsure whether one of your destinations is collecting PHI, don't hesitate to reach out to [email protected]
And of course, you should always consult with your legal team.
​
​
Data Management - Previous
Time Machine
Next - Data Management
Projects & Environments
Last modified 7mo ago
Copy link
On this page
Putting a destination into HIPAA Mode
ID Masking
Enforced Allowlists
Restricting PHI without HIPAA mode enabled