Jane is practice management software for health and wellness clinics that lets practices book appointments, chart, schedule, invoice, process payments, run telehealth, and use AI-assisted charting tools.
Is Jane App HIPAA compliant? Yes, Jane App is HIPAA compliant.
What changed this year?
As of March 2026, our review did not identify any publicly disclosed change removing Jane’s BAA availability or reversing its stated HIPAA-compliant position. Jane’s newer AI materials continue to say that Jane, including AI Scribe, is HIPAA compliant and that customer data is not used to train AI models.
Will Jane sign a business associate agreement (BAA)?
Yes, Jane will sign a business associate agreement. Jane’s Terms of Use state, “If a Subscriber is subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), we will, upon request, enter into our standard Business Associate Agreement (BAA) with the Subscriber.”
What does the Jane BAA cover?
Jane does not publicly post the full text of its standard BAA, so the exact clause-by-clause scope is not fully verifiable from public sources alone. Jane’s public materials do show that its HIPAA offering is intended to cover Jane’s role as a service provider or business associate for patient data stored and processed inside the platform.
Publicly disclosed materials suggest Jane’s HIPAA-related offering covers:
- Storage and processing of patient data inside the Jane platform.
- Role-based access and permission controls for staff.
- Audit logging and review of access activity.
- Encryption for data in transit and at rest.
- Limited internal access by Jane personnel subject to confidentiality and business-need restrictions.
What does the Jane BAA exclude?
Two limits are clear from Jane’s public terms and privacy notice. Jane says Patient Authentication Data is not Subscriber Data and is not considered personal health information for that purpose. Jane also says subscribers retain sole control over what patient data to collect, how to use it, who can access it, how long to keep it, and when to delete it.
Conclusion
Jane signs a BAA on request and publicly describes itself as HIPAA compliant, so Jane can be HIPAA compliant. The main limitation is transparency: Jane does not appear to publish its full standard BAA, so healthcare organizations should review the actual agreement and confirm how specific features, staff permissions, retention settings, integrations, and workflows are handled before using Jane for HIPAA-regulated data.
FAQs
What is a business associate agreement?
A business associate agreement is a contract between a covered entity and a business associate that sets the permitted uses and disclosures of PHI and requires the business associate to safeguard that information appropriately. HHS says covered entities generally must have these contracts in place when a vendor creates, receives, maintains, or transmits PHI on their behalf.
What is HIPAA?
HIPAA is the federal law that sets national standards for protecting protected health information. HHS explains that the HIPAA Rules include privacy and security requirements, and that covered entities must impose written safeguards on PHI used or disclosed by their business associates.
Who does HIPAA apply to?
HIPAA applies to covered entities such as healthcare providers, health plans, and healthcare clearinghouses, and it also applies in important ways to business associates that perform services involving PHI on behalf of covered entities.
