Cytobank is not currently certified to store patient information that is not de-identified, and thus does not fulfill HIPAA guidelines. Typically, Cytobank users de-identify their samples and replace any personally identifiable information with unique ids (e.g. HM3223).
Cytobank is also not currently 21 CFR Part 11 compliant.
These certifications are a work in progress and questions about the current state can be addressed to sales@cytobank.org.
Hosted/customized versions of Cytobank can be configured for a tighter integration with clinical systems. Questions on this service can also be addressed to sales@cytobank.org.