Tableau Cloud’s HIPAA Compliance is a Gamechanger for Healthcare Organizations

By - February 8, 2023

Customers in the healthcare and life science industries have long relied on Tableau’s enterprise analytics capabilities. In December 2022, Tableau added new enhancements to their flagship SaaS offering, Tableau Cloud, allowing customers to be HIPAA compliant in safeguarding patients’ protected patient information (PHI). Now that Tableau Cloud meets HIPAA-established frameworks, a trend is surfacing: many legacy Tableau Server (on-prem) customers are migrating to Tableau Cloud to remove the administrative and maintenance burden from their IT Departments, saving time and money in the process.

Compliance is critical, particularly in the healthcare industry, to ensure all data stored in the cloud is both private and secure. According to industry forecasts, 90% of organizations that fail to control cloud use will inappropriately share sensitive data by 2025. Tableau meeting HIPAA requirements signifies compliance with privacy and security standards of the healthcare industry while highlighting the critical role Tableau serves in its mission to create a trustworthy and secure SaaS platform for customers.

Above are examples of safeguards Tableau has enacted to satisfy HIPAA requirements (Keep Your Data Private and Secure with HIPAA Compliance for Tableau Cloud(tableau.com))

The Technical Details:

Tableau has implemented default HIPAA safeguards in all Tableau Cloud points of delivery, including:

  • Storing user passwords in a hashed and salted format
  • Enabling audit logging, which allows system administrators in Tableau Cloud to track certain change activity
  • Providing customer administrators with configurable tools to govern access through maintaining strict password security policies
  • Continually monitoring for potential risks, threats and vulnerabilities
  • Allowing customers to delete or update their data at a cadence of their choice
  • Enabling customer administrators to govern data visibility through providing configurable tools to define user profiles and permission sets
  • Enabling customer administrators to govern data access through providing configurable tools to define a company-wide sharing model, a role hierarchy, and security rules
  • Encrypting all ePHI data, both in transit and at rest
  • Ensuring potential security events are Identified, Reported, Triaged, and Tracked through documentation of incident management policies and procedures

Tableau Cloud has obtained TISAX and ISO 27001/27017/27018 compliance certifications and a SOC 2/3 certification to build on governance and infrastructure foundations.

In Summary…

  • Tableau Cloud has recently achieved HIPAA compliance, opening the door for the deployment of Tableau’s cutting-edge SaaS analytics platform in previously excluded industries
  • Not only will customers who opt for Tableau Cloud be able to visualize their data without security or privacy compliance concerns, they’ll also be saving critical time and money
  • This update makes Tableau Cloud an excellent choice for healthcare organizations to deliver valuable insights to stakeholders and remove an administrative burden off of their IT Departments

About RSM

RSM is a Tableau partner reseller with a team of Tableau Certified Data Analysts and Tableau Certified Associate Consultants. Additionally, RSM has a dedicated Healthcare Analytics industry team and a service line of privacy and cybersecurity experts. We would love the opportunity to talk with you about your business objectives, analytics goals, and licensing questions over a complimentary call! If you have any questions about Tableau Cloud’s new update or Tableau analytics, please reach out to Lillian Buziak at lillian.buziak@rsmus.com.

 

Receive Posts by Email

Subscribe and receive notifications of new posts by email.