1 min read

Is the Samsung Notes HIPAA compliant? (2025 update)

Picture of Kirsten Peremore Kirsten Peremore September 05, 2025

HIPAA compliant software
Is the Samsung Notes HIPAA compliant? (2025 update)

Samsung Notes is a note-taking and organizational app integrated into Samsung devices that enables users to create, edit, organize, and sync handwritten, typed, or audio transcribed notes across devices via Samsung Cloud. With Samsung Notes, users can manage personal thoughts, lists, memos, and voice-recorded content in a centralized platform.

Is Samsung Notes HIPAA compliant? No, based on the publicly available Samsung Services Terms, Samsung Notes is not HIPAA compliant for handling protected health information (PHI).

 

Will Samsung sign a business associate agreement (BAA) for Samsung Notes?

No, Samsung does not offer a BAA for Samsung Notes. In fact, the Terms explicitly prohibit the use of advanced intelligence features, including transcription and summarization, for storing or processing health information subject to HIPAA, unless an executed BAA exists. No such BAA is evident in the general Terms.

“You may not use the advanced intelligence features … to transmit, store, or process health information subject to United States HIPAA … except as permitted by an executed HIPAA BAA (Business Associate Agreement).” 

While Samsung Notes is not explicitly called out in that clause, any advanced features it integrates, like transcription, summarization, or AI formatting, fall under this restriction.

 

Conclusion

There is no BAA for Samsung Notes, and its Terms discourage using the app to store or process PHI. Samsung Notes is therefore not HIPAA compliant.

See also: HIPAA Compliant Email: The Definitive Guide (2025 Update)

 

FAQs

What is a business associate agreement?

A BAA is a contractual requirement under HIPAA that defines how PHI can be handled by a vendor acting on behalf of a covered entity, including required safeguards, reporting, and rights related to PHI.

 

What is HIPAA?

HIPAA establishes federal standards to safeguard the privacy and security of PHI handled by healthcare entities and their vendors.

 

Who does HIPAA apply to?

HIPAA applies to covered entities, like healthcare providers or health plans, and to their business associates, vendors who create, receive, maintain, or transmit PHI on their behalf.
Send PHI securely—No portals required. The all-in-one email security suite for healthcare. HIPAA compliant email with Google and Microsoft.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.