Does Godaddy offer HIPAA compliant web hosting?

Featured image

Share this article

Does Godaddy Offer HIPAA Compliant Web Hosting? - Paubox

When it comes to website hosting providers, GoDaddy is the 800-lb. gorilla in the industry. Founded in 1997, GoDaddy now hosts over 13 percent of all websites. Its 7,000 employees keep an estimated 20 million customers and their 60 million websites online.

If you’re looking for a company to host your website, GoDaddy seems like a popular and solid choice. But if your business is a covered entity under HIPAA, it’s a more complicated decision.

GoDaddy and HIPAA compliant web hosting

The official GoDaddy blog actually addressed HIPAA compliant web hosting back in 2016. Author Scott Knauss of the company’s Network Operations Center provides a good overview of data breaches, HIPAA, and healthcare industry websites.

“Protecting an internet connected server with HIPAA covered data or the office of a small medical practice that is connected to the internet is not something that should be left to an average site admin or website developer,” he writes.

Ultimately, Knauss recommends that covered entities “have someone who’s familiar with HIPAA and system security review [their] setup annually” and points out ten ways to tighten online security practices. But he does not mention GoDaddy’s own web hosting services or how they measure up.

However, we know that because GoDaddy, like most mainstream web hosts, co-locates multiple customers on a single server, and because its employees have access to all servers, it cannot be HIPAA compliant.

Is GoDaddy email HIPAA compliant?

As we’ve previously written, it is possible for a covered entity to use GoDaddy for HIPAA compliant email. Indeed, the only business associate agreement that GoDaddy provides relates to its email service. Note, however, that it involves GoDaddy’s integration with Microsoft’s Office 365.

If you’re considering this option, you’ll first want to look into how Paubox compares with Office 365. Microsoft’s HIPAA compliant solution is much more complex than HIPAA compliant email provided by Paubox.

Conclusion

The only BAA that GoDaddy will sign relates to its email service. It also co-locates multiple customers on a single server, which many employees have access to.

Therefore, like most mass-market, consumer website hosting companies, GoDaddy does not offer HIPAA compliant web hosting.

As we’re finding in our ongoing research into building HIPAA compliant websites, how you build your site is a more important consideration than where you host it.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Ryan Ozawa

Read more by Ryan Ozawa

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022