Does Mindbody enable HIPAA compliance?

Mindbody has proactive security measures that appear to meet HIPAA regulations. The company has obtained PCI Level 1 certification, and states that it completes an annual audit and HIPAA risk assessment.

HIPAA-related privacy features include network security, encryption, ePHI protection, access control measures, and a Vulnerability Management Program. System alerts are in place to notify admins of unauthorized access.

Mindbody offers PHI-related protections for appointment scheduling, contact logs, documents, and transactions. Progress notes allow covered entities to record personal information that’s accessible only by authorized personnel.

A business associate agreement (BAA) must be in place before using Mindbody for PHI. Covered entities can email Mindbody to request a signed BAA.

Product details

Product description

Mindbody is business management software for cloud-based scheduling and documentation. This software serves a variety of businesses, including spas, gyms, and salons worldwide.

This web page was updated on October 02, 2023.


Readers should perform their own research before making the final decision. The information on the Jotform HIPAA Compliance Checker does not constitute official healthcare or legal advice. Jotform is not liable for any damage or liabilities arising out of or connected in any manner with this platform.

If you see any incorrect, incomplete or inaccurate information, please request correction by filling the form below.

Request Correction

Get professional solutions with Jotform Enterprise

Discover how Jotform Enterprise can benefit your organization. Automate, collaborate, and scale with ease.