HIPAA compliance

Our solution is fully HIPAA-compliant.

Specializing in HIPAA-compliant payment processing software

The Health Insurance Portability and Accountability Act (HIPAA) regulates the disclosure of individuals’ health information – also called protected health information (PHI). According to the standards set forth by the U.S. Department of Health and Human Services, PHI covers all “individually identifiable health information,” which specifically includes demographic information such as name and address, as well as credit card numbers. Any piece of information that can be traced back to an individual is subject to HIPAA regulations.

Organizations that violate HIPAA are faced with massive fines. Data breaches are not only a concern for large entities; every business that is associated with patients must be aware of HIPAA compliance, because a violation can be as simple as sending a payment receipt to the wrong person.

Rectangle Health specializes in HIPAA-compliant payment software and payment data security for healthcare organizations.

We keep PHI safe by storing all customer data in a secure, encrypted vault that is protected by layers of industry-leading, state-of-the-art technology. Sensitive information is not held on your premises or stored on your servers or computers.

We give you the peace of mind that your payment transactions are PCI- and HIPAA-compliant.

Address Verification System

Our Address Verification System (AVS) confirms the identity of every online payer by comparing the billing address to the address on file at the financial institution that issued the credit card. AVS not only confirms identity, but it also ensures that the financial details of the transaction are sent to the correct address, if mailed.

Point-to-Point Encryption

Our state-of-the-art point-to-point encryption (P2PE) solution protects your organization from data theft. P2PE encrypts payment card data from the moment the card is used until it reaches the payment processor, making it unreadable to third parties.


Tokenization

Tokenization is another way to make credit card numbers unusable. This method of security turns card numbers into tokens – randomly generated sets of numbers meaningful only to the card processor.

Fraud Monitoring

Trained risk management experts consistently monitor transactions, so that the safety and security of every transaction is guaranteed.

A significant portion of provider revenue — more than 9 percent of patients — was vulnerable to loss in 2020 due to poor customer experiences. [1]

[1] Of 2,000 patients surveyed in The Healthcare Payment Experience, January 2021, produced by PYMNTS.com and Rectangle Health.

Security is our priority.

Rectangle Health securely stores healthcare payment information, protecting both your practice and patients with today’s highest standards for compliance and PCI.