New 42-day free trial
Smarty
    • Message to stay HIPAA and ACA compliant

    Your product might be HIPAA and ACA-compliant in theory, but a mistyped ZIP Code or invalid apartment number can still trigger privacy violations, eligibility errors, and failed mailings. Misdirected mail is explicitly named in HIPAA breach cases.

    For example, the Health and Human Services (HHS) Office for Civil Rights (OCR) has publicly cited misrouted or misaddressed mail as a cause of HIPAA breaches in their breach portal

    Aetna paid $1.15 million in 2018 for a mailing breach where envelopes revealed sensitive information to the wrong recipients. 

    Hospitals are losing money

    Sentara Hospitals paid $2.175 million in 2019 after mailing billing statements to incorrect recipients. In this breach, Sentara mailed 577 patients’ health information to incorrect addresses. The bills included names, account numbers, and dates of services.

    OCR breach data confirms that “unauthorized access/disclosure” due to mail/email error is a top-tier breach type, too. In fact, in HHS OCR’s breach summary data, you can filter breaches by cause, and many are categorized as “unauthorized access/disclosure - Mail/email to wrong recipient.” 

    These aren’t edge cases; they’re avoidable failures rooted in bad address data.

    If you’re feeling anxious about healthcare compliance, we’re here to relieve your anxiety. Embedding address validation, autocomplete, and rooftop-accurate geocoding into your platform is relatively easy, runs on autopilot after setup, and helps reduce regulatory risk, protect member data, and keep your workflows clean and compliant.

    Here's what you can expect to read about today:

    Address data is core to compliance

    Healthcare compliance manual

    HIPAA requires that PHI only be delivered to the intended recipient. A misrouted ID card, bill, or EOB can qualify as a reportable breach. Under the ACA, plan eligibility and subsidies are based on geographic location. The Centers for Medicare and Medicaid Services (CMS) uses ZIP-to-county mappings to assign rating areas, making county-level accuracy non-negotiable.

    State-level differences compound the risk. California uses smaller geographic rating areas, while Texas has much broader regions. A member on the edge of a ZIP Code boundary could be mistakenly offered the wrong plans or rates if the address isn’t mapped precisely.

    The cost adds up. USPS data shows that it costs them $1.2 billion annually in operational costs from undeliverable-as-addressed (UAA) mailpieces. In health insurance, every returned ID card or Explanation of Benefits (EOB) means wasted delivery money, rework burden, and a frustrated member.

    HIPAA also has technical requirements that accurate address data helps you achieve. Safeguards such as access control and data integrity play into the expectations HIPAA holds for health insurance platforms. 

    Validating addresses can prevent unauthorized disclosures by ensuring PHI is delivered only to verified, intended recipients. A quality address data solution like Smarty won't silently correct bad data. If an address can’t be validated by reasonable fuzzy matching logic, it’s flagged, not "fixed." This ensures that no PHI is sent to an unintended recipient because of incorrect assumptions or bogus autocorrections.

    Where Smarty fits in your product stack

    Product stack integration

    Regulatory compliance:

    • County-level metadata and FIPS codes ensure member addresses align with jurisdictional requirements for CMS reporting, Medicaid redetermination, and benefit eligibility determination.

    Onboarding & enrollment:

    • Address autocomplete helps ensure members input valid addresses in real-time.
    • Significantly cuts down manual entry errors.

    Member communications:

    • Verified addresses prevent undeliverable ID cards or EOBs.

    Claims processing:

    • Standardized, verified, and deduplicated addresses help reduce claims denial rework.

    Fraud detection:

    • Rooftop geocoding enables precise distance calculations (and even routing) between providers and patients.

    Eligibility & plan design logic:

    • County mapping powers accurate plan availability, rating, and communications.

    Data hygiene & deduplication:

    • SmartyKey helps you unify member records across databases and align 3rd-party data using a persistent address ID.

    How address workflows fail

    Most platforms rely on self-entered data and tools like Google Places, which prioritize getting any “result” or “match”, instead of getting the right address. Google and others will map addresses like “123 Fake Street”, but they may not be deliverable or real. Tools that are willing to match with fake addresses will also not flag unintelligible entries, and won’t catch non-existent secondaries.

    Smarty tested other address tools and found that range-based validation systems can generate over 2,000 false positives per street due to loose house number matching. Some tools silently “correct” building numbers to return a match, even if the address is off by blocks or miles.

    False positives in healthcare aren’t just inconvenient—they’re violations. An address that looks valid but routes PHI to the wrong door could result in serious regulatory consequences.

    And, we haven’t even touched on the ACA-specific implications. 

    ACA-specific implications of accurate address data

    The Affordable Care Act (ACA) has several compliance-sensitive requirements that hinge on geographic precision. County-level boundaries define plan eligibility, rating areas, subsidy qualifications, and more, so having EXACT address information is crucial to carry out a workflow that works. 

    Accurate address data creates an environment where your organization experiences bonuses that are also ACA-compliance friendly:

    1. Enhanced plan filtering during enrollment: When ZIP Codes span across multiple counties, as 15-20% do, relying on only ZIP-to-county mappings can result in you suggesting incorrect plans to customers. Address verification helps to clear things up by returning the county name and FIPS Code for every address. This helps you identify the correct rating area.
    2. ACA-compliant rate quoting engines: FIPS Codes feed into your quoting engine so that you use the correct county and CMS rating area to fetch the appropriate rates. Your insurance platform will link addresses to the right county for perfectly accurate premium suggestions and rates. You’ll also prevent your teams from offering or enrolling users in plans they’re not actually qualified for, reducing misquoted premiums and compliance audit risk.
    3. Member services are always eligible and reimbursable for home-based care: Solve the problem of Medicaid-managed or dual-eligible plans going outside of a provider’s approved service area. By geocoding the patient and provider addresses, health insurance platforms can more accurately calculate distance and flag mismatches when care would extend outside the defined allowed areas.
    4. Bolstered CMS enrollment reporting and auditing: With the CMS requiring enrollment counts by accurate rating areas and counties, address errors can lead to compliance audits, funding issues, or penalties. But with the county FIPS Code that’s included in address verification metadata, your records will support accurate monthly enrollment reporting and audit-readiness!
    5. Fraud prevention: Fraudulent claims sometimes use addresses at county boundaries to qualify for better plans or benefits that they might not receive at their true address. Accurate FIPS Codes help you block attempts to gamify the eligibility system. 

    If your healthcare insurance platform is handling plan selection, rate quoting, provider matching, or enrollment reporting, you need CMS-aligned county mapping. Smarty provides what you need via an easy API integration. AND, Smarty’s georeference data provides the census block and tract for every address so that you can link to census demographic data and be able to report on compliance with serving all socioeconomic populations. 

    Validation as a compliance control

    Image showing dropdown of valid addresses furnished by US Address Autocomplete demonstrating that addresses need to be valid

    By integrating Smarty’s address data solutions into your platforms, you’ll be able to elegantly fix address data issues at the source. With address autocomplete, only mailable, USPS-verified addresses are accepted during enrollments or other form fills. Secondary units like apartments and suites are verified, and the address verification API flags missing or ambiguous data. 

    Nothing is changed silently. 

    If an address is so malformed that fuzzy matching can’t confidently match it to the correct verified address, it’s rejected or flagged rather than “verified” bogusly. Quality results from Smarty help you avoid compliance anxiety and liability.

    If you're relying on ZIP Codes alone for healthcare compliance or reporting, you're going to have a bad time. ZIP Codes aren’t tied to county boundaries—analysis of Florida’s 983 ZIP Codes shows that nearly 30% cross county lines.

    Since USPS ZIP Codes are designed for mail delivery, not geographic analysis, they can make patient population analysis, resource allocation, and regulatory reporting difficult. That’s where address verification metadata steps in. With accurate county FIPS codes included, you can align patient addresses with the correct jurisdiction, ensuring clean data and confident compliance. 

    Identity anchoring with address + name

    The real power of address validation goes beyond compliance. A clean, standardized address becomes an identity anchor. Pairing a person’s name with their validated and standardized address drastically improves match rates in your system. There might be dozens of people named Jeffrey Duncan in Utah—but only one at a specific address or rooftop.

    Even without a name, Smarty’s  SmartyKey® unique address ID enables you to easily identify duplicate records and unify records across systems. This eliminates the need for maintaining multiple inconsistent address tables. One clean, deduplicated address database can serve all systems: onboarding, billing, claims, provider matching, and communications.

    Mapping + insights

    Mapping with rooftop-accurate geocodes

    With Smarty’s rooftop-accurate geocodes, address data becomes visual and strategic. You could potentially map every patient’s address for analysis. This kind of data visualization supports everything from regional marketing to in-home care and fraud detection.

    If patients cluster on one side of a freeway, that might reveal service gaps, referral patterns, or demographic trends. Combine Smarty geocodes with Census Bureau overlays, and you can instantly analyze income bands, household sizes, or aging populations per region.

    Addresses, when standardized and geocoded, become a lens into your population—not just a place to send mail.

    What to look for in a health-compliant address solution

    Green checkmark on a shield indicating a health-compliant address solution

    We’ve done a lot of homework for you in “What to look for in an address data solution.” But if you want just a few tips, here they are:

    Look for a CASS-certified provider, Delivery Point Validation (DPV), and accurate county FIPS Codes that reflect CMS standards. Geocoding should resolve to the rooftop level, not just parcel centroids. Secondary address data should be validated, flagged, or rejected when missing.

    Security also matters. Smarty's annual SOC 2 certification ensures that we meet (or exceed) industry standards for security and preparedness. During the 2024 CrowdStrike outage, which downed millions of systems, Smarty experienced zero downtime—thanks to our multi-cloud, provider-agnostic infrastructure.

    Find a solution with integrous controls. Silently changing bad data in the background can breed bad address data and false positives. If an address can’t be validated, it should be flagged, not “fixed.” This helps to ensure that no PHI is sent to an unintended recipient because of incorrect assumptions or bogus autocorrections or autofills.

    Why do platforms like yours integrate Smarty

    Hands holding gears as they shift

    There are popular platforms with Smaty integrations and leading healthcare companies that use Smarty over the other guys for their data cleanliness and accuracy. Why?

    • ROI you can justify to your boss: Reduction in returned mail percentages would be enough to more than pay for the cost of better address data, but when you add in the man hours saved from not having to chase down manual address reviews during onboarding or claims processing and the time saved per member record with autocomplete tools, it’s a no brainer.
    • Goldilocks match rates: Smarty’s match rates are not too aggressive (causing false positives) but not too weak, either. Smarty returns only real, deliverable addresses. No fake or forced matches. No silent edits. If Smarty needs to adjust any part of an input address to validate it, we’ll clearly show what was changed and why, giving you full transparency, less stress, and more control over how you handle address data.
    • Pinpoint accuracy: True rooftop geocoding powers pinpoint eligibility logic, provider search tools, home-based care, and regional plan filtering.
    • Processing speed >25,000 per second is standard in Smarty base plans. This is insanely faster than most others. And we can go much, much faster as needed.
    • Infrastructure redundancy: SLA uptime during outages like CrowdStrike helps your organization be backed by a company you can trust. Smarty has a historical uptime of >99.999%, so you don’t have to worry about being hung out to dry. We’re compliance-friendly by design and provide data persistence for you to reap the rewards of reduced liability.
    • Global service from Tokyo to Paris with more than 210 million addresses in the U.S. alone, including 20 million valid addresses that are not in the USPS database.
    • Easy, scalable implementation: Integrations are fast, flexible, and built for scale. With developer-friendly SDKs in 10 programming languages, boatloads of sample code, and friendly tech support humans (not bots), we’ll have you up and running in no time. Your developers and operations teams will praise you for choosing Smarty. Once up and running, Smarty runs on autopilot.
    • SmartyKey® bolstered: Our persistent, unique identifier helps confidently merge datasets from 3rd parties. It also helps identify duplicates and match patient records. See how Curatus did just that. Keep alias addresses from creating compliance issues down the road and ensure that duplicate records don’t sneak in and mess with your public health analysis and marketing campaigns.
    • Guaranteed data security with 24-hour monitoring, encryption, and data hashing.
    • Humans-answer-the-phone legendary support.
    • Transparent pricing. No setup fees, commitments, or gimmicks.
    • Trusted by leaders like UberChaseAmerican Red CrossStanford, & Aflac.
    • 42-day free trial to validate Smarty's performance. Go to the Smarty pricing page, select the product you want to try, and click “Get a 42-day free trial.”

    The bottom line

    Address validation isn’t just about mailing. It’s also about compliance control. It helps healthcare platforms prevent HIPAA violations, avoid ACA eligibility errors, and eliminate undeliverable mail at scale. 

    And with Smarty, it’s fast to implement, cost-effective, and built to scale with your platform. What you can expect (and what others have seen) when you choose Smarty:

    • Compliance-friendly by design.
    • 95%+ address match and resolution rate. Kukun case study.Stat showing that address validation reduces undeliverable mail by 50 - 70%
    • 50% to 70% reduction in undeliverable mail. Majority case study.
    • 2% to 9% increase in form submission rate. Fabletics case study.
    • 99.98% service level agreement (SLA) API uptime, including during high-risk outages like the 2024 CrowdStrike incident. Greater than 99.999% historical uptime.

    Smarty is the quality choice you can confidently stand behind. No one ever got in trouble for picking the solution that just works. When you bring Smarty to your team, they'll thank you for making the smart call.

    Want to see it in action?
    Get a demo or talk to a Smarty solution architect today.

    Subscribe to our blog!
    Learn more about RSS feeds here.
    rss feed icon
    Subscribe Now
    Read our 5 address validation use cases ebook nowDownload now
    Read our recent posts
    Inside Smarty - Brenyn Beesley
    Arrow Icon
    Meet Brenyn Beesley, our Business Development Manager. At Smarty, Brenyn has made waves on our Sales team with her exceptional interpersonal skills, ability to take on any organizational and operational challenge, top-notch singing, and all-around awesomeness. Let’s jump right in and get to know Brenyn!Can you explain your role at Smarty to a 10-year-old?“I help my team communicate with people from all kinds of jobs—delivery drivers, real estate agents, insurance workers. We show them how to use Smarty’s tools to find the addresses they need or learn more about a location.
    Build address data into your health insurance platform to stay HIPAA and ACA compliant
    Arrow Icon
    Your product might be HIPAA and ACA-compliant in theory, but a mistyped ZIP Code or invalid apartment number can still trigger privacy violations, eligibility errors, and failed mailings. Misdirected mail is explicitly named in HIPAA breach cases. For example, the Health and Human Services (HHS) Office for Civil Rights (OCR) has publicly cited misrouted or misaddressed mail as a cause of HIPAA breaches in their breach portal. Aetna paid $1. 15 million in 2018 for a mailing breach where envelopes revealed sensitive information to the wrong recipients.
    Improving user/customer experience in every industry with clean address data
    Arrow Icon
    You finally track down an essential addition to your collector’s set of [insert item of your choice], and you're hyped to buy it until the chaos begins. The cart is hidden in a fly-out on the side, cluttered with blocky, overwhelming text. You spend way too long just trying to find the "Proceed to Checkout" button. 👎 That’s bad UI (user interface): messy, confusing design that makes navigation a chore. You make it to the checkout and start entering your info, but the site keeps rejecting your address.
    Previous Post
    Next Post

    Ready to get started?

    Schedule Demo
    42-day Free Trial