How can Pipedream ensure HIPAA compliance and smooth integration with Salesforce, QuickBooks, JotForm, and Paylocity for a healthcare project?

This topic was automatically generated from Slack. You can find the original thread here.

I need help with a client project; not sure who/how to best get the answers:

We’re evaluating Pipedream (we are a paying customer from this week!)
for a client project that involves integrating multiple systems
including Salesforce (Lumary), QuickBooks, JotForm, and Paylocity.
Given the healthcare nature of this project, HIPAA compliance is a
critical requirement.

I have several questions about your Business plan HIPAA capabilities:

HIPAA Compliance & BAA:

  • Can you provide a sample Business Associate Agreement (BAA) for review?
  • What is the timeline to execute a BAA once we move forward?
  • Can you confirm that Workflows, Event Sources, Data Stores, and
    Destinations are all HIPAA-compliant?
  • What specific encryption standards do you use for PHI data at rest
    and in transit?
  • How do you handle audit logging for PHI access and processing?

Integration Capabilities:

  • Do you have experience with Lumary (Salesforce-based healthcare
    platform) integrations?
  • Are there any API rate limiting concerns or limitations we should be aware of?
  • How do you handle real-time data synchronization across multiple systems?

Enterprise Support:

  • Can you provide your SOC 2 report and third-party HIPAA audit results?
  • What is the typical implementation timeline for Enterprise
    HIPAA-compliant integrations?
  • What is your incident response process for potential PHI breaches?

We’re working under a tight timeline and would appreciate the
opportunity to schedule a call to discuss these requirements and
Business plan pricing in more detail. Please let me know your
availability for a technical discussion this week or next.

Hey there, do you mind dropping your questions into the “Contact Sales” form on the pricing page? That’ll route it directly to the right team on our end: https://pipedream.com/pricing

Hi the pipedream team will help you with the sales questions, but I’ve got a lot of experience working with pipedream as well as Salesforce & Lumary for a few clients. Lumary data is stored as custom objects in Salesforce which Pipedream can read, write, and update. I’ve used and support a few different integration platforms, Pipedream is by far the most flexible that I’ve used to work with Salesforce.

amazing. I might reach out if we decide to move ahead with the prospect!