PHI Policy

Understand.com Content Related to HIPAA and PHI Concerns

Listed below is a summary of the technology our content uses, and the considerations related to HIPAA and PHI.

1. Google Analytics 4

Google Analytics 4 (GA4) allows us to track various types of data to understand how our video player is used on client sites. Here’s what we collect:

  • User Engagement Metrics:
    • Session Duration: Average engagement time
    • Pages/Session: Number of pages visited during a session, in this case views of different iframe-embedded videos
    • Bounce Rate: Percentage of sessions where the user left without interacting with the player
  • Technical Info:
    • Browser Type and Version: Helps in ensuring our player performs well across different technologies
    • Operating System: Used for similar purposes as browser information
    • Screen Resolution: To understand the different devices our player is viewed on
  • Geographical Data:
    • Country and City: Approximate location, not precise enough to pinpoint specific users
  • Basic Event Data:
    • Page view, scroll, click, first visit, play button click, seekbar drag, etc.

2. Data Processing and Privacy

  • GA4 does not log or store IP addresses. (1, 2)
  • Use of Cookies: GA4 uses cookies primarily for distinguishing between new and returning users. Our video player does not use cookies outside of GA4.
  • And specifically, we do not track the following: Age, Gender, Interests.

3. HIPAA Compliance Considerations

  • While GA4 collects data that is considered non-personal and aggregate, HIPAA
    • No PHI Collection: We do not track, collect, or store any PHI using GA4. Our tracking focuses on general usage data and user interactions without linking this data to any health records or personally identifiable information.
    • Compliance with Legal Standards: We continuously monitor regulatory guidelines to ensure our data collection practices comply with HIPAA and other relevant laws.


Last updated: