Google Apps and HIPAA Compliance: What you should know

Healthcare providers have, understandably, been reluctant to adopt Google Apps for Business, primarily because of HIPAA compliance concerns.



Until recently, healthcare providers could use Google Apps (and remain HIPAA compliant) as long as Protected Health Information (PHI) was not transmitted or stored within their Google Apps system. (Several healthcare providers we support use Google Apps in this capacity.)

The “thorn in Google Apps' side” regarding PHI and HIPAA compliance has been the Business Associate Agreement (BAA) required by the HIPAA privacy rules [45 CFR 164.502(e), 164.504(e), 164.532(d) and (e)]. Basically, the rule requires a “contract or other agreement between the covered entity and business associate”; in this example, the covered entity is the healthcare provider and the business associate is Google. Healthcare providers did not have an easy way to obtain or request a BAA from Google.

Google recently “pulled the thorn out” and now provides an easy way for healthcare providers to enter into a Business Associate Agreement that covers their Google Apps systems.

Healthcare providers using Google Apps can electronically sign a HIPAA Business Associate Agreement (BAA) from Google by clicking on the following link:


Google Apps HIPAA Business Associate Amendment:



More information regarding Google Apps and HIPAA:

