{1 - 24} GreyGrey
{25 - 49} GreenGreen
{50 - 499} BlueBlue
{500 - 4999} OrangeOrange
{5000 - 24999} RedRed
{25000+} BlackBlack

Please confirm that you would like to report this for an admin to review.


Is Google Drive HIPAA compliant?



Confirm that you would like to Remove Email Alerts for your question. You cant undo this and you will not be able to re-subscribe.


1 Answer

Yes and no. Simply signing up for and using Google Drive does not a HIPAA compliant approach to cloud storage make. There are three things to keep in mind: Business Associate Agreements; audit trails; and file synchronization.
According to Google’s own HIPAA compliance guidelines, businesses that want to store PHI on Google Drive in a HIPAA-compliant https://www.hipaanswers.com/is-google-drive-hipaa-compliant/ way need to sign a Business Associate Agreement with Google. The good news is that Google offers BAAs for paid users of its Google Apps platform. Specifically, the BAA covers Gmail, Google Calendar, Google Drive, and Google Apps Vault. The big caveat, though, is that it’s incumbent on the health care organization itself to configure those services to be Hipaa Compliant. The BAA also requires that you disable all additional services in the Admin console.
The Google Apps Admin console provides reports that provide important control over a team’s data. Admins can set file-sharing permissions so that people only have access to sensitive protected health information on a need-to-know basis, and they can also prevent employees from sharing information outside their domain.

Confirm that you would like to select this answer as the "Best Answer" to your question. This will bring this answer to to top and be highlighted as "Best Answer". You can always change this if a better answer is given.


You must be Logged In to Answer this Question

Already a Member, Log In
Not a member yet? Sign Up
happy wheels