Hi Gabriel,

I do not believe you'll get a formal statement because for the software to be HIPAA compliant, it would depend on the hardware and network configuration. Overall security would depend on if you're running Crystal Server on a dedicated, secure web server, Active directory, database security, mail server security, among other things.

HIPAA compliance really is a broad statement but can Crystal Server work as part of a HIPAA compliant environment, then the answer would be yes with the caveat that all the other pieces must be properly secured.

You may get a better response though if you can ask about which HIPAA issues you're concerned about does Crystal Server meet.

Brian

Screen shot and printout PII data masking is just a tiny part of what could be useful but not always is practical. Given a very intense activity of penetration based fraud we start to see that the actual PII data should almost never be displayed/printed but some sort of reference-to-actual data should be designed and used instead. Read more on B V L account.