Does WP Engine offer HIPAA compliant web hosting?

Featured image

Share this article

Does WP Engine Offer HIPAA Compliant Web Hosting? - Paubox

If you’re looking to build a website for your business, one of the tools you’ll find right out of the gate is WordPress. It’s a powerful and popular content management system behind over 400 million websites.

You will also discover that WordPress takes some technical prowess to set up. And that’s why web hosting companies often build WordPress into their offerings.

WP Engine, as you might gather from their name, makes WordPress hosting their primary business.  Today we’ll determine if it’s HIPAA compliant or not.

What is WP Engine?

Based in Austin, Texas, WP Engine is a web hosting company that specializes in WordPress websites. Founded in 2010, it now has over 90,000 customers in 140 countries, and offices in San Francisco, California; San Antonio, Texas; London, England; Limerick, Ireland and Brisbane, Australia.

The company embraces open-source technology, using more than 30 open-source technologies in its operations in addition to WordPress itself.

WP Engine emphasizes its company culture as much as its technology, from the diversity of its employees to its social responsibility programs.

Are WP Engine sites HIPAA compliant?

If you are looking to use WordPress to build and manage a website for your business, WP Engine seems like a smart choice. But if your business is a covered entity, like a medical clinic or doctor’s office, you must ensure all of your systems are HIPAA compliant, including your website.

And if you plan to use your website to help clients contact or submit information to you, you’ll likely be working with protected health information (PHI), making HIPAA compliance even more critical.

The WP Engine support library doesn’t have any entries that mention HIPAA. Although the company does provide information on the secure handling of payment information, the only mention of health information is in the company’s overarching Acceptable Use Policy: Under “Regulated and Sensitive Information,” WP Engine states:

You are not permitted to use or cause the Services to store or process sensitive or otherwise regulated health or financial information, including Protected Health Information (as that term is defined under HIPAA). […] You acknowledge and agree that we are not responsible for any liabilities arising from your violation of this restriction.

WP Engine makes clear that it does not want to handle health information, and that customers bear all responsibility should they violate HIPAA.

Conclusion

Although WP Engine is a solid web host for WordPress websites, it is not HIPAA compliant, and the company expressly forbids using its services for regulated health information.

Furthermore, as we’ve covered in other blog posts, WordPress itself is not HIPAA compliant either.

SEE ALSO: HIPAA Compliant Email: the Definitive Guide

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Ryan Ozawa

Read more by Ryan Ozawa

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022