Hey all,
I’m wondering if anyone has experience getting their app HIPAA compliant. I’m guessing there’s a lot more to do than simply upgrade the Xano plan, but I haven’t found a clear roadmap on what to do next.
Has anyone done this? Or know generally what the process is like?
Some specific questions: is there an audit to pass? Can I send Business Associate Agreements (BAA), encrypt PII, draft some audit/compliance standards and be good? Do I need SOC 2 as well?
This is a vague question, but any help pointing me in the right direction would be greatly appreciated.
(FYI WeWeb is front end.)