We sometimes get asked by customers and prospects about Calendly and their ability to use it in a HIPAA compliant manner.
We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud services in this sector.
In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:
- Amazon CloudFront
- Apple iCloud
- Apple iMessage
- Citrix ShareFile
- Constant Contact
- Google Calendar
- Google Docs
- Google Drive
- Google Forms
- Google Hangouts
- Google Hangouts Chat
- Google Slides
- Google Voice
- Microsoft Teams
- Office 365
- Return Path
- Uber Health
Today, we will determine if Calendly offers HIPAA compliant service or not.
SEE ALSO: HIPAA Breaches and Cloud Providers
Calendly is a simple, easy-to-use scheduling tool for businesses that eliminates email back and forth. It helps save time so that businesses can provide great service and increase sales.
Calendly and the Business Associate Agreement
We’ve previously talked about how a Business Associate Agreement is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.
Specifically, we combed these pages for mentions of Calendly and HIPAA compliance:
We were unable to find anything related to HIPAA on those pages.
Does Calendly Offer HIPAA Compliant Service?
The Business Associate Agreement is a key component to HIPAA compliance between a covered entity and a business associate.
With some directed research, we were able determine that since Calendly does not make any mention of HIPAA or their ability to sign a BAA, they are not a HIPAA compliant service.
Conclusion: Calendly is not HIPAA compliant.