HIPAA is the Federal Health Insurance Portability and Accountability Act of 1996. The intended goal of HIPAA is to "make it easier for people to keep health insurance, protect the confidentiality and security of health care information and help the health care industry control administrative costs."
Health care providers need to investigate potential partners to see how information is handled. For a fully HIPAA-compliant data solution, you can read more about our Enterprise data program. If necessary, we are happy to enter into a service partnership to validate your addresses. By doing so, we can become "part of your organization" for this function only, legitimizing the process and remaining within the HIPAA requirements.
To further ensure data privacy, you may want to provide address-only lists. All we need in order to validate an address is the address itself. You can remove all other information about the client—for example, use unique IDs instead of names—and we can still get the job done. Our page on data security should help to allay your fears and give you some good information to consider in helping you make a decision regardless of whom you choose to be your service provider.