Stephanie Kawamura, Head of Operations at Axiom, outlines the company's commitment to HIPAA compliance, which enables them to enter into Business Associate Agreements with entities handling protected health information (PHI). The Health Insurance Portability and Accountability Act, originally designed to facilitate the sharing of data among healthcare providers, requires adherence to Privacy and Security Rules, with a Breach Notification Rule added in 2009. Unlike other standards, HIPAA compliance is self-reported and managed internally, demonstrated through the ability to pass audits by the Office of Civil Rights if conducted. Axiom achieves compliance by appointing a HIPAA compliance officer, implementing administrative, physical, and technical safeguards, conducting regular risk assessments, and training employees, among other practices. While there is no official certification, compliance can be evidenced through audits, third-party assessments, and obtaining related certifications. Axiom emphasizes its dedication to maintaining the security and privacy of PHI while ensuring clients have full access to their event data.