No, Apple Notes isn’t HIPAA compliant. Also, Apple won’t sign a business associate agreement (BAA) with covered entities.
Apple Notes provides users with a fast and easy way to capture their thoughts or create lists and sketches, making it a convenient tool to collect information. Even though Apple offers privacy and security features, the Notes app doesn’t have the essential elements required for HIPAA compliance.
Not only are there limited security features for accessing Notes, the app also syncs across devices through Apple’s iCloud, which isn’t HIPAA compliant. That means Apple Notes isn’t HIPAA compliant. Healthcare organizations shouldn’t use Apple Notes or iCloud to record, store, share, or transmit protected health information (PHI).
The services Apple offers, like cloud storage, classify it as a business associate, but the company has yet to address HIPAA compliance for Notes and other features on its platform. Apple won’t sign a business associate agreement (BAA) with healthcare providers, so HIPAA-covered entities should find other tools to collect and store PHI.