HIPAA requires covered entities to handle protected health information (PHI) properly or face potential fines or criminal prosecution. There are additional restrictions on what information employers can have access to and how that information can be utilized. For example, PHI cannot be used to make employment decisions.
Gusto maintains HIPAA compliance and safeguards people’s PHI when providing benefits to businesses. Additionally, we maintain business associate agreements (BAAs) between employers and Gusto, along with any third parties, like insurance companies.