Freshpaint gives you visibility into the trackers installed across your website, so you can more quickly make the decisions that keep you HIPAA-compliant.

What Is A Web Tracker?

Services such as Google Analytics and Facebook Advertising ask their clients to install software on their websites. You may have added the Google Tag or the Facebook Pixel to your site - those are both examples of Web Trackers. For HIPAA-covered entities, Web Trackers can pose a big risk to the extent that they facilitate sharing PHI from your site with unauthorized third parties.

Get Notified About New Trackers

Freshpaint delivers a weekly report to your inbox with information about new trackers installed. To set up your weekly reports, read our getting started guide.

See Where Trackers Are Installed

Freshpaint’s weekly report shows you installed trackers and provides you a complete list of the pages they’re installed on so you can better assess whether they could be sharing PHI.

Get Context About Trackers

Freshpaint provides context about the highest risk trackers identified to help you know where to start your audit.

Take Next Steps to Mitigate HIPAA Risk

Freshpaint guides you towards HIPAA compliance by presenting different options to resolve each tracker found on your site. The next page describes the different resolution types and how to proceed with them.

Organize Your BAAs

Upload your BAA for each tool on your site. You won't need to wonder whether your organization has a BAA in place, and you won't have to search to find the document.

How It Works

Freshpaint scans your entire site by starting from the home page and following links to explore from there. We will explore all pages on the site including subdomains. For example, we would follow a link from example.com to my.example.com.

For each page, we keep track of which third party tools may be collecting PHI.

We'll send you an initial report of all of the trackers we find on your site. Each week, we'll re-scan your site and notify you of any new trackers that have been added.

How To Use Your Report

Tracker Overview

The first tab provides you a list of the trackers we were able to identify.

We provide context and descriptions where we can (this will get better over time) about each tracker and assign a level of HIPAA compliance risk.

Pages Per Tracker

The additional tabs show you all the pages each tracker is installed on.

Next Steps

Once you have your report, read our Privacy-First Framework for best practices on keeping your site HIPAA-compliant. Visit the next page to learn more about the different options to mitigate a tracker's risk, and then login to the Freshpaint UI to mark trackers as resolved for various reasons.

Web Tracker Manager

You can also view the latest Web Tracker Report for your site in the Freshpaint app by navigating to "Monitoring" -> "Web Trackers" in the left sidebar.

You can view the full list of trackers installed on your site, along with their respective risk levels. You can also click to view a detailed page for each tracker.

On a tracker's detailed page, you can choose different options to mark a tracker as resolved; you can also add arbitrary notes about a tracker, or upload a BAA if you already have a signed BAA with the provider.

Freshpaint customers can set up Web Tracker Monitoring by contacting support@freshpaint.io. Please provide the following information:

1. The URL to the home page of the site that you need to monitor

2. The email address(es) where Freshpaint can send the reports

It may take up to one week to generate the initial report for your site.

Allow Freshpaint's IP Address

Your site may have a firewall to prevent bots. We recommend contacting your organization's IT team and asking them to ensure that Freshpaint is able to scan your site. You can send them the following message:

Freshpaint is working with your marketing and compliance teams to help with your organization's HIPAA compliance. We are setting up web tracker monitoring for your site, and we want to make sure we will not be blocked or rate-limited by your bot detection / firewall.

Could you please allowlist Freshpaint's IP address 35.162.70.108 so that we are able to scan the site?

For context, we plan to crawl the entire site, including subdomains, about once per week. There may be additional crawls occasionally, particularly while we're first setting up the monitoring.

Please feel free to reach out to support@freshpaint.io with any questions.