Is Mindbody HIPAA compliant?

Yes, Mindbody says that it is HIPAA compliant. Also, the company will sign a business associate agreement (BAA).

Mindbody has proactive security measures that meet HIPAA regulations. Not only does this company maintain a PCI Level 1 certification, but it also completes an annual audit and HIPAA risk assessment.

HIPAA-compliant privacy features include network security, encryption, ePHI protection, access control measures, and a Vulnerability Management Program.

These digital lines of defense provide the security needed for protected health information (PHI). System alerts are in place to notify admins of unauthorized access.

Mindbody offers privacy and security for all PHI, including appointment scheduling, contact logs, documents, and transactions. Progress notes are HIPAA compliant, allowing covered entities to record personal information that’s accessible only by authorized personnel.

A business associate agreement (BAA) must be in place before using Mindbody for PHI. Covered entities can email Mindbody to request a signed BAA.

Product details


Business Associate Agreement


HIPAA Compliant


Product description

Mindbody is business management software for cloud-based scheduling and documentation. This software serves a variety of businesses, including spas, gyms, and salons worldwide.


Readers should perform their own research before making the final decision. The information on the Jotform HIPAA Compliance Checker does not constitute official healthcare or legal advice. Jotform is not liable for any damage or liabilities arising out of or connected in any manner with this platform.
