HIPAA Compliance Overview
What You'll Learn
This section covers everything you need to know about building and running HIPAA-compliant apps on Knack. You'll find guidance on protecting patient data, configuring security settings, managing access controls, and meeting your compliance obligations.
HIPAA Compliance on Knack
Knack provides a platform that can support HIPAA-compliant applications. The platform includes HIPAA-ready infrastructure, encrypted data storage and transfer, role-based access controls, and a signed Business Associate Agreement (BAA).
That said, HIPAA compliance is not a product feature you can toggle on. It's a system-wide responsibility. Knack provides the tools and infrastructure. You're responsible for designing, building, and operating your app in a way that protects patient data.
This means compliance is a partnership. Knack handles the platform-level safeguards. You handle the application-level decisions — what data you collect, who can access it, how it's displayed, how it's tracked, and how your organization uses it.
What This Section Covers
- Understanding HIPAA — What HIPAA requires, who's responsible for what, and how Knack Health plans work.
- Protecting PHI in Your Knack App — What counts as PHI, the Minimum Necessary Rule, secure data handling, and data retention policies.
- Access Controls for HIPAA Apps — HIPAA-specific security settings, user roles and permissions, authentication best practices, and API security.
- Auditability and Record Keeping — How to build audit trails and understand where your data is stored.
- BAA and Compliance Administration — Business Associate Agreements, organizational policies, third-party compliance, and disaster recovery.
- Migrating to the HIPAA Environment — What to expect when moving your app to Knack's HIPAA infrastructure.
- HIPAA Best Practices Checklist — A single-page reference with key action items from across the section.
Who Is This For?
This section is for anyone building or managing a Knack app that handles protected health information (PHI). That includes healthcare providers, clinic administrators, consultants building apps for healthcare clients, and anyone on a Knack Health HIPAA plan.
If you're not sure whether your app needs HIPAA compliance, start with HIPAA Basics for App Builders.
