TaxJar, the leading SaaS sales tax compliance platform, has successfully completed a voluntary examination by the independent CPA firm Shellman & Company into its Health Insurance Portability and Accountability Act (HIPAA) compliance. The Type 1 audit confirmed that the company’s sales tax platform is in compliance with the required controls under HIPAA healthcare regulations. This examination was specifically focused on the HIPAA security rules and breach notification requirements, and categorizes TaxJar as a HIPAA Business Associate.
“Health information is incredibly sensitive, and as TaxJar serves more healthcare-focused businesses, it was important to us to ensure the highest level of security for that data. HIPAA compliance gives customers the confidence that their data is in good hands — and that TaxJar has all the proper HIPAA related controls in place,” said Jennifer Carati, TaxJar’s VP of Security, Compliance & IT.
Some of the key components of the HIPAA examination included:
- Policies and procedures as they relate to ePHI
- Access management
- Access control procedures
- Authentication requirements
- Workstation security
- Proper security monitoring controls
In addition to this successful HIPAA audit, TaxJar recently underwent a successful System and Organizations Controls (SOC 2), Type 2 audit, also by Shellman, asserting that TaxJar meets strong standards for data security. The successful HIPAA and SOC2 audits assure customers that TaxJar will give them exceptional data security as well as sales tax compliance.