We often get asked by customers and prospects about Google Calendar and their ability to use it in a HIPAA compliant manner. We know the HIPAA market is vast so we can empathize with just how many people need to use cloud-based storage services in this sector.
SEE ALSO: Google & HIPAA Compliance: The Ultimate Guide
In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:
- Amazon CloudFront
- Apple iCloud
- Apple iMessage
- Box
- Calendly
- Citrix ShareFile
- Constant Contact
- DocuSign
- Dropbox
- FaceTime
- Google Docs
- Google Drive
- Google Forms
- Google Hangouts
- Google Hangouts Chat
- Google Slides
- Google Voice
- GoToMeeting
- Heroku
- Intercom
- MailChimp
- Mandrill
- Microsoft Teams
- Microsoft 365
- OneDrive
- PostageApp
- Postmark
- Return Path
- SendGrid
- SharePoint
- Slack
- Sonic
- SparkPost
- Uber Health
- WordPress
- Yammer
- Zoho
- Zoom
The purpose of this post is to determine if Google Calendar offers HIPAA compliance or not.
SEE ALSO: How to Encrypt Gmail
About Google Calendar
Google Calendar is a time-management and scheduling calendar service developed by Google. It was first released in 2006.
Google Calendar and the Business Associate Agreement
We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance. We checked Google's site and found a Google Workspace Administrator Help article called HIPAA Compliance with Google Workspace. In the article, Google points out: "Google offers a BAA covering Gmail, Google Calendar, Google Drive (including Docs, Sheets, Slides, and Forms)..."
Does Google Calendar Offer HIPAA Compliant Service?
The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate. Since Google offers one that covers Google Calendar, we conclude that Google Calendar is a HIPAA compliant service. It's important to note however, you must sign a BAA with Google to be HIPAA compliant.
[alert-note]
G Suite email isn't HIPAA compliant out of the box.
Download the Quick Guide to HIPAA Compliant Email for free.
[/alert-note]
Conclusion: Google Calendar is HIPAA Compliant. Make sure you sign a BAA with Google.
SEE ALSO: HIPAA Compliant Calendar Invitations