The HIPAA-compliant UX research platform
Protect your customers’ health data and maintain HIPAA compliance at every step of the research process.
Contact sales
Securely import customer health data
Our integrations with Salesforce and Snowflake make it safe and easy.
Contact salesMark any custom
attribute as PHI
Any attribute stored in our system can be marked as PII (Personally Identifiable Information) and PHI (Protect Health Information). This ensures it’s logged anytime it’s read or updated.
Contact sales
Your health data is safe with us
All access to PHI is logged
in our system
Anytime PHI is accessed in our system, we log it. This ensures HIPAA compliance in the event of a breach.
All of our vendors are
HIPAA-compliant
All third-parties processing PHI have signed a BAA (Business Associate Agreement) with Great Question. We encourage customers to sign one with us, too.
Both PII & PHI is obfuscated by default
This is set by default for most user roles
and can be configured to meet the needs of your team.
and can be configured to meet the needs of your team.
See the all-in-one UX research platform in action
Frequently asked questions
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects a subset of information covered by the Privacy Rule.
What’s the difference between PHI and PII?
Protected Health Information (PHI) is any health information that includes any of the 18 elements identified by HIPAA. Personally Identifiable Information (PII) is defined as data used in research that is not considered PHI and is therefore not subject to the HIPAA Privacy and Security Rules.
What is a BAA?
A Business Associate Agreement (BAA) establishes a legally-binding relationship between HIPAA-covered entities and business associates to ensure complete protection of PHI. This type of agreement is necessary if business associates can potentially access PHI during their work.
How do I get started with Great Question’s HIPAA Solution?
Great Question’s HIPAA solution is an add-on to our Enterprise plan you can choose to purchase. Great Question Enterprise customers who purchase the HIPAA add-on can enter into a BAA with us.
Privacy & Security
Are you SOC 2 compliant?
Yes, we have completed our SOC 2 Type 2 examination. This represents our organizations commitment to security for our customers data.
How do you track incentives sent outside of Great Question?
Our integration with the incentive platform Tremendous allows our customers to send incentives to over 80 countries worldwide. For those customers that would prefer to send their incentives in a different system, it’s easy to update the status of those incentives on each study participant.
Is it easy to share research across my organization?
It’s easy in Great Question to share your research findings via our Slack integration, or you can easily tag and compile findings in our research repository. This is all part of the platform.
Subscribe to our newsletter
Get great UX research reads & resources every other Friday.
© 2024 Great Question, Inc. All rights reserved.
