Baseten announces HIPAA compliance

We’re excited to announce that we have satisfied all the necessary criteria to be HIPAA compliant through a requirements analysis and internal audit, driven by Drata.

We invite health-tech companies, healthcare providers, insurance companies, and other organizations handling PHI to deploy and manage ML models while ensuring the confidentiality, integrity, and availability of sensitive health information.

HIPAA—Health Insurance Portability and Accountability Act—is a federal regulation in the United States that sets rigorous standards for how protected health information (PHI) is handled. Complying with the regulation involves both technical and operational safeguards to protect PHI.

Using Drata, our privacy and security officer verified over 200 requirements across over 120 controls to ensure that Baseten’s infrastructure and operations continually adhere to industry standards for security and reliability.

We also recently completed a SOC 2 Type II audit, further certifying Baseten’s secure operations. 

Reports detailing our HIPAA compliance, SOC 2 Type II certification, and other security measures are available to current and prospective customers upon request.