{"id":1869,"date":"2012-04-13T00:00:00","date_gmt":"2012-04-13T00:00:00","guid":{"rendered":"http:\/\/otava.test\/hipaa-certified-vs-hipaa-compliant\/"},"modified":"2012-04-13T00:00:00","modified_gmt":"2012-04-13T00:00:00","slug":"hipaa-certified-vs-hipaa-compliant","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/","title":{"rendered":"HIPAA Certified vs. HIPAA Compliant"},"content":{"rendered":"

This is a blog post on the phrase \u2018HIPAA certified\u2019 to inform you that there is no such thing as \u2018HIPAA certified.\u2019 What\u2019s the correct term, then? \u2018HIPAA compliant<\/strong>.\u2019 This means that you, as a covered entity<\/a>, or business associate<\/a>, has been found in compliance with the HIPAA Security and Privacy Rules as established by the Department of Health and Human Services (HHS). You have done your due diligence by putting in policies, processes and procedures to achieve technical<\/a>, administrative<\/a> and physical safeguards<\/a> to protect PHI<\/a>.<\/p>\n

The HHS does recognize any \u2018HIPAA certification\u2019 program as legitimate. When they come to inspect and audit, they will likely not care if you have a \u2018HIPAA certified\u2019 seal on your website. They care about the security and design of your controls to protect PHI to the best of your ability, and the actual policies and procedures your organization abides by.<\/p>\n

While many use \u2018certified\u2019 and \u2018compliant\u2019 interchangeably to mean the same thing, they cannot be used to describe data centers, hosting providers or any service provider acting as a business associate to a covered entity that needs to achieve their own compliance. For example, it\u2019s not ‘HIPAA certified data centers,’ it\u2019s ‘HIPAA compliant data centers<\/a><\/strong>.’ Or ‘HIPAA compliant hosting<\/a><\/strong>,’ not ‘HIPAA certified hosting.’<\/p>\n

This article<\/a>, from ZDNet is properly titled Will Your Cloud Be HIPAA Compliant?<\/em> Yet, despite its title, \u2018certified\u2019 appears everywhere in the article as it refers to data center providers:<\/p>\n

\"HIPAA<\/a><\/p>\n

But at least one person commenting on the article seems to understand the difference:<\/p>\n

\"HIPAA<\/a><\/p>\n

So for service providers in the healthcare industry – and for healthcare organizations that contract out to them, please take heed: the correct term is \u201cHIPAA compliant\u201d <\/strong>and\u00a0not \u201cHIPAA certified.\u201d Be wary of those that claim to be certified – because chances are, they might not really know what they\u2019re talking about at all.<\/p>\n","protected":false},"excerpt":{"rendered":"

This is a blog post on the phrase \u2018HIPAA certified\u2019 to inform you that there is no such thing as \u2018HIPAA certified.\u2019 What\u2019s the correct term, then? \u2018HIPAA compliant.\u2019 This means that you, as a covered entity, or business associate, has been found in compliance with the HIPAA Security and Privacy Rules as established by the Department of Health and Human Services (HHS). You have done your due diligence by putting in policies, processes and procedures to achieve technical, administrative and physical safeguards to protect PHI. The HHS does recognize any \u2018HIPAA certification\u2019 program as legitimate. When they come to inspect and audit, they will likely not care if you have a \u2018HIPAA certified\u2019 seal on your website. They care about the security and design of your controls to protect PHI to the best of your ability, and the actual policies and procedures your organization abides by. While many use \u2018certified\u2019 and \u2018compliant\u2019 interchangeably to mean the same thing, they cannot be used to describe data centers, hosting providers or any service provider acting as a business associate to a covered entity that needs to achieve their own compliance. For example, it\u2019s not ‘HIPAA certified data centers,’ it\u2019s ‘HIPAA compliant…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-1869","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\nHIPAA Certified vs. HIPAA Compliant | OTAVA<\/title>\n<meta name=\"description\" content=\"Is there a difference between HIPAA compliant and HIPAA certified? The terms are sometimes used interchangeably but here's the difference between them:\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HIPAA Certified vs. HIPAA Compliant\" \/>\n<meta property=\"og:description\" content=\"Is there a difference between HIPAA compliant and HIPAA certified? The terms are sometimes used interchangeably but here's the difference between them:\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2012-04-13T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"HIPAA Certified vs. HIPAA Compliant\",\"datePublished\":\"2012-04-13T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\"},\"wordCount\":318,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\",\"url\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\",\"name\":\"HIPAA Certified vs. HIPAA Compliant | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png\",\"datePublished\":\"2012-04-13T00:00:00+00:00\",\"description\":\"Is there a difference between HIPAA compliant and HIPAA certified? The terms are sometimes used interchangeably but here's the difference between them:\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HIPAA Certified vs. HIPAA Compliant\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"HIPAA Certified vs. HIPAA Compliant | OTAVA","description":"Is there a difference between HIPAA compliant and HIPAA certified? The terms are sometimes used interchangeably but here's the difference between them:","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/","og_locale":"en_US","og_type":"article","og_title":"HIPAA Certified vs. HIPAA Compliant","og_description":"Is there a difference between HIPAA compliant and HIPAA certified? The terms are sometimes used interchangeably but here's the difference between them:","og_url":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/","og_site_name":"OTAVA","article_published_time":"2012-04-13T00:00:00+00:00","og_image":[{"url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png","type":"","width":"","height":""}],"author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"HIPAA Certified vs. HIPAA Compliant","datePublished":"2012-04-13T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/"},"wordCount":318,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"image":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/","url":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/","name":"HIPAA Certified vs. HIPAA Compliant | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage"},"image":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png","datePublished":"2012-04-13T00:00:00+00:00","description":"Is there a difference between HIPAA compliant and HIPAA certified? The terms are sometimes used interchangeably but here's the difference between them:","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#primaryimage","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/zdnet-article.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/hipaa-certified-vs-hipaa-compliant\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"HIPAA Certified vs. HIPAA Compliant"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1869","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=1869"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1869\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=1869"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=1869"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=1869"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=1869"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}