Sunday 4 February 2018

Can I use Evernote and be HIPAA Compliant?

Can I Use Evernote and be HIPAA Compliant? - Paubox

We often get asked by customers and prospects about Evernote and their ability to use it in a HIPAA compliant manner.

We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.

In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:

Today, we will determine if Evernote offers HIPAA compliant service or not.

SEE ALSO: HIPAA Breaches and Cloud Providers

About Evernote

Evernote is an app designed for note taking, organizing, tasks lists, and archiving. Since it’s a cloud-based service, Evernote serves as a sync point to keep stuff like text documents, photos, videos and audio files in a central place.

Evernote is headquartered 30 minutes south of Paubox in Redwood City, CA.

Evernote and the Business Associate Agreement

We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.

We checked Evernote’s site and found the Evernote Business FAQ page.

In it, Evernote states:

Is Evernote Business HIPAA compliant?

Evernote and Evernote Business are not currently compliant.

Does Evernote Offer HIPAA Compliant Service?

The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.

Since Evernote specifically states they are not HIPAA compliant and therefore do not offer a BAA, we conclude they are not a HIPAA compliant service.

Conclusion

Evernote does not meet HIPAA Compliance standards.

Do not use Evernote if you are bound by HIPAA regulations.

No comments:

Post a Comment