Does Google docs meet HIPAA standards and other security regulations?

Posted on 2011-10-10
Medium Priority
Last Modified: 2012-05-12
Does Google docs meet HIPAA standards and other security regulations for a health care organization? Please feel free to make recommendations as to other file storing, easy access and sharing service that may be securely used by a healthcare organization.
Question by:bobox00
LVL 13

Accepted Solution

themrrobert earned 2000 total points
ID: 36945334
Nope, its not aimed towards that. Please read:

Amazon claims you can make hipaa compatible apps, but there are questions raised about how secure it truly is:

Expert Comment

ID: 36945623
I guess Microsoft Office 365 is the only online Office Service which offers this kind of security standard currently:

LVL 15

Expert Comment

by:Allen Falcon
ID: 36948550
Yes,  you can implement Google Apps for Business in a way that the service, along with your policies and procedures is HIPAA compliant.

For the Gmail piece, you will need Google Message Encryption to provide inbox or portal-based delivery of encrypted email to individual recipients.

For Google Docs, make sure that you are forcing SSL encryption for all services.  You may want to restrict users' ability to share documents outside of your domain (public or with other individuals) and you may want an auditing tool like CloudLock in place.


Author Closing Comment

ID: 36970025
thanks for all inputs

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question