Samsung Notes is a note-taking and organizational app integrated into Samsung devices that enables users to create, edit, organize, and sync handwritten, typed, or audio-transcribed notes across devices via Samsung Cloud. With Samsung Notes, users can manage personal thoughts, lists, memos, and voice-recorded content in a centralized platform.
Is Samsung Notes HIPAA compliant? No, based on the publicly available Samsung Services Terms, Samsung Notes is not HIPAA compliant for handling protected health information (PHI).
No, Samsung does not offer a BAA for Samsung Notes. In fact, the Terms explicitly prohibit the use of advanced intelligence features, including transcription and summarization, for storing or processing health information subject to HIPAA, unless an executed BAA exists. No such BAA is evident in the general Terms.
“You may not use the advanced intelligence features … to transmit, store, or process health information subject to United States HIPAA … except as permitted by an executed HIPAA BAA (Business Associate Agreement).”
While Samsung Notes is not explicitly called out in that clause, any advanced features it integrates, like transcription, summarization, or AI formatting, fall under this restriction.
There is no BAA for Samsung Notes, and its Terms discourage using the app to store or process PHI. Samsung Notes is therefore not HIPAA compliant.
A BAA is a contractual requirement under HIPAA that defines how PHI can be handled by a vendor acting on behalf of a covered entity, including required safeguards, reporting, and rights related to PHI.
HIPAA establishes federal standards to safeguard the privacy and security of PHI handled by healthcare entities and their vendors.
HIPAA applies to covered entities, such as healthcare providers or health plans, and to their business associates: vendors who create, receive, maintain, or transmit PHI on their behalf.