Skip to main content
All CollectionsCompliance and RegulationHIPAA Compliance
Collecting payment from patients (and HIPAA compliance)
Collecting payment from patients (and HIPAA compliance)

How to use Stripe and maintain HIPAA compliance

Updated over a year ago

Doxy.me allows you to charge patients using Stripe.com, which deposits payments directly into your bank account. 

You can use Stripe and be HIPAA compliant

Although processing payments through a credit card processor can generate personally identifiable information, Health and Human Services (HHS) have stated that collecting payments is excluded explicitly from HIPAA mandates.

Limit your use of Stripe

Be sure to limit your use of the payment service to only collecting payments. Anything above and beyond taking payments makes them a business associate. Do not use any of Stripe's other features like invoicing and financial analysis unless you first get a BAA from them. 

If you have any other questions, please contact our support team.

Did this answer your question?