Frequently Asked Questions about HIPAA Compliance

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a US federal law that created national standards to safeguard patients' protected health information (PHI).

When do I need HIPAA-compliant e-signing?

If your organization is a Covered Entity (such as healthcare providers, health plans, or healthcare clearinghouses) or Business Associate as defined by HIPAA, the e-signing service you use must be HIPAA-compliant.

How much do I need to pay for RabbitSign's HIPAA-compliant e-signing?

Zero. RabbitSign's HIPAA-compliant e-signing is completely free. It's not a free trial or a free tier. It's completely free. Period.

Why is RabbitSign providing HIPAA-compliant e-signing for free?

RabbitSign is an Activism Corporation, a for-profit company whose primary objective is NOT maximizing shareholder value. RabbitSign wants to lower the cost of e-signing for as many businesses, nonprofits, and government entities as possible. Providing HIPAA-compliant e-signing for free is RabbitSign's way to help lower healthcare costs in the US.

Other e-signing services typically charge hefty fees for HIPAA compliance. How is RabbitSign able to provide HIPAA-compliant e-signing for free?

On the technical side, RabbitSign lowered the operating cost of e-signing to the floor by leveraging revolutionary AWS serverless computing architecture. It costs RabbitSign less than $1 to process 1000 document signings. (In AWS speak, a 128-MB Lambda costs $0.0000000021 per millisecond.) Combined with some advertising revenue, RabbitSign is free and profitable. On the compliance side, RabbitSign has partnered with Compliancy Group. Between the money saved by switching from another e-signing service to RabbitSign and their goodwill to support RabbitSign's efforts to help lower healthcare costs, Compliancy Group provided their HIPAA compliance service practically free of charge.

How do I get HIPAA-compliant e-signing with RabbitSign?

Simply sign in to your RabbitSign account, and accept the BAA (Business Associate Agreement) here. Please note that while this makes your RabbitSign account HIPAA-compliant, you are responsible for your own company's HIPAA compliance program.

My business is not in healthcare. Should I enable HIPAA compliance even though I don't need it?

No. Because healthcare is tightly regulated, HIPAA-compliant e-signing is more nuanced than regular e-signing. For example, signers must create a RabbitSign account to view and sign a HIPAA-compliant document. So don't enable HIPAA compliance unless your business requires it.

After making my RabbitSign account HIPAA-compliant, can I go back to a regular RabbitSign account that is not HIPAA-compliant?

No. This is to prevent users from accidentally causing HIPAA violations.

After making my RabbitSign account HIPAA-compliant, what happens to the signing requests that are still waiting for signatures?

Documents sent before enabling HIPAA compliance remain not HIPAA-compliant. Only documents sent after enabling HIPAA compliance are HIPAA-compliant.

What is the HIPAA Seal of Compliance?

Although there's no official certification of HIPAA compliance, RabbitSign partnered with a third-party compliance company to ensure we're doing everything right. After completing their program, RabbitSign received their Seal as proof of our good faith effort. To verify our compliance, you can click here or on the Seal.

What are the implications of RabbitSign achieving HIPAA compliance?

Achieving HIPAA compliance was a rigorous and lengthy process. It is a testament of RabbitSign's maturity and security, validated by a trusted independent third party. Now Covered Entities and Business Associates can be confident about RabbitSign's capability to safeguard their sensitive PHI (Protected Health Information).

What if I have a question not answered in this FAQ?

We'd love to hear from you! Please email