Any PHI included in files uploaded to Google Docs must be in the document itself, and not used in the file name. Provided these precautions are taken, Google Docs is HIPAA compliant. Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research.
Yes, Google Docs has stated that it is HIPAA compliant and Google will sign a Business Associate Agreement (BAA). Privacy settings for each Google Doc should be configured so that they cannot be viewed unless a user has permission.
You should be wondering “Can I use Google Docs for HIPAA compliance?”
The chosen answer was hIPAA compliance depends on how a service is used. That said, it is possible to use Google Docs without violating HIPAA Rules. Before any documents containing PHI are uploaded to Google Docs, the covered entity or business associate must first obtain a signed business associate agreement from Google. Once that BAA has been obtained, staff that.
That said, it is possible to use Google Docs without violating HIPAA Rules. Before any documents containing PHI are uploaded to Google Docs, the covered entity or business associate must first obtain a signed business associate agreement from Google.
Does Google Keep HIPAA compliant?
The short answer is yes, Google Keep can be configured to be HIPAA compliant. Just keep in mind that users are responsible for making sure Google’s services are configured correctly and are used in a manner that does not violate HIPAA Rules.
Google can be considered a HIPAA compliant service provider as Google supports HIPAA compliance for G Suite Basic, G Suite for Education, G Suite Business, and G Suite Enterprise domains and will enter into a BAA with healthcare customers.
One query we ran across in our research was “Is Google Home and Google Assistant HIPAA compliant?”.
According to this source, Google Home and Google Assistant are definitely not HIPAA-compliant. HIPAA demands that a person be informed if any sort of biometric identifier has been added to their personal health information. … Thus, Google is clearly in violation of the security rule.
This of course begs the inquiry “Is Gmail really HIPAA compliant?”
Yes, Gmail can be HIPAA compliant because it offers a Business Associate Agreement (BAA) for its G Suite products — but if you want to make a Gmail account HIPAA compliant, it must be a part of G Suite and cannot be a free, personal account. Need an easier way to collect info from patients?
Is data uploaded to Google Drive HIPAA compliant?
Covered entities should note that Google encrypts all data uploaded to Google Drive, but encryption is only server side. If files are downloaded or synced, additional controls will be required to protect data on devices. HIPAA-compliant syncing is beyond the scope of this article and it is recommended syncing is turned off.
Can Google workspace products be used for HIPAA compliance?
Administrators must review and accept a BAA before using Google services with PHI. See what Google Workspace products can be used for HIPAA compliance in the HIPAA Included Functionality.