Google Cloud Platform Blog
Product updates, customer stories, and tips and tricks on Google Cloud Platform
Google Cloud Platform provides support for HIPAA Covered Entities
Wednesday, February 5, 2014
When you’re building a healthcare-related application, not only do you need the right code and a reliable user experience, sometimes it feels like you need to be a lawyer too. Often, there are several additional steps to take to into consideration. In particular, some healthcare-related applications and services in the United States are required to comply with the
Health Insurance Portability and Accountability Act
(HIPAA) regulations. HIPAA establishes standards around privacy, security, and breach notification to protect individually identifiable health information. When building in the cloud, it can be challenging to ensure that you’re complying with these regulations.
To serve developers who want to build these applications on Google's infrastructure, we're announcing support for Business Associates Agreements (BAAs) for our customers. A BAA is the contract between a Covered Entity (you, the developer) and their Business Associate (Google) covering the handling of HIPAA-protected information.
Today’s news joins our other compliance efforts across Cloud Platform and Google Enterprise:
ISO 27001
:
ISO 27001
is one of the most widely recognized, internationally accepted independent security standards. After earning ISO 27001 for Google Apps
in 2012
, we renewed our certification again last year for Google Apps and
received
the certification for Google Cloud Platform.
SOC2, SSAE 16 & ISAE 3402
: Companies use the
SOC2
,
SSAE 16
Type II audit, and its international counterpart
ISAE 3402
Type II audit, to document and verify the data protections in place for their services. We’ve successfully completed these audits for Google Apps every year since
2008
(when the audits were known by their previous incarnation, SAS 70) and we did so again last year for Google Apps and Google Cloud Platform.
HIPAA
: Late last year, we started entering into
BAAs
to allow Google Apps customers to support HIPAA regulated data. This year we have begun entering into BAAs with our Google Cloud Platform customers.
We’re looking forward to supporting customers who are subject to HIPAA regulations on Google Cloud Platform. If you are a Covered Entity under HIPAA and would like more information, please
contact
our team.
-Posted by Matthew O’Connor, Product Manager
Free Trial
GCP Blogs
Big Data & Machine Learning
Kubernetes
GCP Japan Blog
Firebase Blog
Apigee Blog
Popular Posts
World's largest event dataset now publicly available in BigQuery
A look inside Google’s Data Center Networks
Enter the Andromeda zone - Google Cloud Platform’s latest networking stack
Using labels to organize Google Cloud Platform resources
New in Google Cloud Storage: auto-delete, regional buckets and faster uploads
Labels
Announcements
193
Big Data & Machine Learning
134
Compute
271
Containers & Kubernetes
92
CRE
27
Customers
107
Developer Tools & Insights
151
Events
38
Infrastructure
44
Management Tools
87
Networking
43
Open
1
Open Source
135
Partners
102
Pricing
28
Security & Identity
85
Solutions
24
Stackdriver
24
Storage & Databases
164
Weekly Roundups
20
Feed
Subscribe by email
Demonstrate your proficiency to design, build and manage solutions on Google Cloud Platform.
Learn More
Technical questions? Check us out on
Stack Overflow
.
Subscribe to
our monthly newsletter
.
Google
on
Follow @googlecloud
Follow
Follow