HIPAA Compliance Vendors for Financial Services
HIPAA compliance vendors for financial services on this page combine HIPAA Privacy and Security Rule controls with the data-residency and sovereignty controls financial-services firms typically require under GDPR, GLBA, and SEC/FFIEC guidance. Side-by-side comparison: framework coverage, pricing model, audit support, last-verified dates. Independent directory — not paid placements.
| Vendor | HQ | Founded | Size | Pricing | Last verified |
|---|---|---|---|---|---|
| Scrut Automation | Palo Alto, US | 2021 | 51-200 | Contact for pricing | Apr 24, 2026 |
| Drata | San Francisco, US | 2020 | 501-1000 | Contact for pricing | Apr 24, 2026 |
| Giskard | Paris, France | 2021 | 11-50 | Contact for pricing | Apr 24, 2026 |
| BigID | New York, USA | 2016 | 500-1000 | Contact for pricing | Apr 26, 2026 |
| Arthur | New York, US | 2019 | 51-200 | Contact for pricing | Apr 26, 2026 |
| Fiddler AI | Palo Alto, US | 2018 | 51-200 | Contact for pricing | Apr 26, 2026 |
About HIPAA
HIPAA governs the privacy and security of Protected Health Information (PHI) in the United States. AI vendors operating in healthcare must meet HIPAA Security Rule requirements (access controls, audit logs, integrity, encryption) and sign BAAs with covered entities. HIPAA applies directly to many AI use cases in clinical decision support, diagnostics, and healthcare operations.
Read framework guide →About Financial Services
Banking, lending, insurance, and capital markets firms deploying AI for credit decisioning, fraud detection, underwriting, algorithmic trading, and customer service. Subject to heavy sector-specific oversight (OCC, FRB, CFPB, FCA, EBA) layered on top of horizontal AI regulations.
See all financial services vendors →