HIPAA Compliant User Research with Rally

Safeguard sensitive participant data throughout the research process. Rally UXR is HIPAA compliant, ensuring the highest standards of data protection and privacy.

Mark Any Property as PII or PHI

Protect participant health information by marking any property in Rally as PII (Personally Identifiable Information) or PHI (Protected Health Information).

Secure Participant Management

Safely sync contacts via our integrations with Snowflake and Salesforce. All participant names, emails and properties marked as PII and PHI are automatically masked for Observers.

Frequently Asked Questions

What is HIPAA Compliance?

HIPAA (Health Insurance Portability and Accountability Act) compliance signifies that Rally adheres to strict security and privacy standards set by the U.S. Department of Health and Human Services. This compliance ensures that protected health information (PHI) is handled and stored securely, safeguarding participant confidentiality and privacy.

Rally has signed Business Associate Agreements (BAAs) with all third-party integrations and vendors that process PHI.

What is the difference between PHI and PII?

PII refers to any information that can be used to identify an individual. This includes things like names, email addresses, phone numbers, Social Security numbers, and even IP addresses. Essentially, if the data can be linked back to a specific person, it's considered PII.

Protected Health Information (PHI) is a subset of PII, but it specifically pertains to health information that is linked to an individual's medical history, diagnosis, treatment, or payment for healthcare services. This could include things like medical records, lab results, insurance information, and even conversations about health conditions.