A customer asked us this week about whether they were able to use Zapier in a HIPAA compliant manner.
We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud services in this sector.
In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:
- Adobe Campaign
- Amazon Alexa
- Amazon CloudFront
- Apple iCloud
- Apple iMessage
- Citrix ShareFile
- Constant Contact
- EarthLink Email
- Google Analytics
- Google Calendar
- Google Docs
- Google Drive
- Google Forms
- Google Hangouts
- Google Hangouts Chat
- Google Slides
- Google Voice
- Microsoft Exchange
- Microsoft Teams
- Office 365
- Return Path
- Uber Health
Today, we will determine if Zapier offers HIPAA compliant service or not.
SEE ALSO: HIPAA Breaches and Cloud Providers
Zapier is a cloud-based automation tool that connects popular apps together to automate repetitive tasks.
Zapier’s primary value proposition is that it can be quickly setup without coding or relying on developers to build the integration.
Zapier and the Business Associate Agreement
We’ve previously talked about how a Business Associate Agreement is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.
We checked Zapier’s site and quickly found the answer we were looking for on their Data Privacy page.
On that page, we found:
Zapier can not claim HIPAA compliance.
Does Zapier Offer HIPAA Compliant Service?
The Business Associate Agreement is a key component to HIPAA compliance between a covered entity and a business associate.
We quickly discovered that Zapier is not in the business of providing HIPAA compliant service.
Zapier is not HIPAA compliant.