​​​What is HIPAA?

HIPAA is the acronym for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. HIPAA does the following:

• Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;

• Reduces health care fraud and abuse;

• Mandates industry-wide standards for health care information on electronic billing and other processes; and

• Requires the protection and confidential handling of protected health information

Protection and Confidential Handling of Health Information

The HIPAA Privacy regulations require health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of protected health information (PHI) when it is transferred, received, handled, or shared. This applies to all forms of PHI, including paper, oral, and electronic, etc. Furthermore, only the minimum health information necessary to conduct business is to be used or shared.

Business Partners and Business Associates must protect the privacy and security of the Protected Health Information (PHI) and Personal Information (PI) that may be created, received, maintained, transmitted, used or disclosed pursuant to their agreements and to comply with certain standards set forth by DHCS as well as Federal and State Privacy Laws.

Google Cloud Security and Compliance

U.S. Health Insurance Portability and Accountability Act (HIPAA)

G Suite supports our customers’ compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA), which governs the confidentiality and privacy of protected health information (PHI). Customers who are subject to HIPAA and wish to use G Suite with PHI must sign a business associate agreement (BAA) with Google. The BAA covers Gmail, Google Calendar, Google Drive, Google Sites and Google Vault. Additional information can be found in our HIPAA Implementation Guide