Showing results for 
Search instead for 
Did you mean: 
First-timer (legacy)
Status: Declined
We are working to automate business processes for our online health clinic, and integrating with ShipStation makes managing the whole shipping process easier. But since we are a US base health provider, any service provider we integrate and handle or process PHI (personal and health information) data with, must be HIPAA compliant, and be able to sign a BAA (business associate agreement) with the health provider. Meanwhile, we will have to develop our in-house integration with a HIPAA compliant or exempt shipping provider (like Fedex, or UPS) and that adds serious development burden, provides very little shipping flexibility and and locks us in. Ensuring compliance with HIPAA regulations and issuing BAAs would be a great addition to the platform. Thanks!
First-timer (legacy)
Moreover, there are lots of other healthcare data privacy regulation acts the software should be compatible with. Here is a detailed guide to different laws regulating the data handling:
Status changed to: Declined

Hello @developer_aod


Thank you so much for taking the time to share this idea with us.


ShipStation is just a technology layer for transmitting information to carriers, such as USPS and UPS. Similar to the carrier itself, our service is not designed or intended to store any data subject to HIPAA compliance requirements and we have not been subject to a HIPAA compliance audit. Other customers that have asked about HIPAA requirements have been able to sign-off that our particular systems are not subject to those requirements due to the nature of our service. Here is a link that provides more information about HIPAA compliance with respect to carriers that other customers have found to be very helpful: