Topics Map > Page Builder
Topics Map > Integrations
LCS - Using Web Analytics for apps within Health Care Component
Is your application a privacy compliance risk?
Contact the Office of Compliance if these three conditions apply, as the data collection process may be a privacy compliance risk:
-
- Your application is considered inside the Health Care Component, and
- Your application pages require authentication (e.g. NetID), and
- Your application is using, or are thinking about using, Web Analytics. (e.g. Google Analytics)
Details
The Office of Compliance has determined that the US Federal guidance on HIPAA compliance concerns when using web analytics technology (specifically Google Analytics) does not apply to any unauthenticated web pages/applications using web trackers such as Google Analytics. However, that guidance does apply to any authenticated pages/applications within the UW-Madison’s Health Care Component. Because determining HIPAA compliance is not always straightforward, the DoIT project team and Office of Compliance is asking IT Services where Google Analytics is an option to request application developers/managers to seek guidance before adopting that usage.