Yes, Google Forms is HIPAA compliant. Google will sign a business associate agreement for covered entities using this service.
Just so you know
Like Google Forms, JotForm is HIPAA-compliant to keep sensitive PHI data safe. Plus, JotForm offers additional powerful features like secure payments, e-signatures, complete customization, and more.
Google Forms offers security and privacy configurations that comply with HIPAA regulations. Covered entities can set the access and visibility of folders and files, as well as grant specific collaborators sharing and editing capabilities.
When configuring Google Forms, administrators must set the sharing permissions to manage data visibility and access. Additionally, admins should disable third-party applications that don’t meet HIPAA privacy standards. Software compliance depends on how the software is used, which is why administrators must adjust privacy settings before using Google Forms for patient information.
Other HIPAA-compliant safeguards include encryption to protect sensitive information, user authentication, and audit controls that track information access.
If a covered entity uses Google Forms to collect protected health information (PHI), it must have a business associate agreement (BAA) in place before collecting PHI through this tool.oogle offers a signed business associate agreement (BAA) that covers Google Forms as well as other Google Workplace services, such as Gmail, Docs, Sheets, Calendar, and Slides.