Is OneDrive HIPAA compliant?

George Davidson
Jun 18, 2020

Yes, OneDrive is HIPAA compliant because Microsoft will sign a Business Associate Agreement (BAA).

OneDrive is a cloud storage solution provided by Microsoft. As cloud storage is often used to store and transmit Electronic Patient Health Information, covered entities should rely on cloud storage solutions that can become HIPAA compliant. OneDrive can be HIPAA compliant if the organization takes the proper steps. 

The business associate agreement is an essential part of making any software solution HIPAA compliant. This agreement states how the parties that handle Electronic Patient Health Information (ePHI) will adhere to HIPAA. Without a signed BAA, no technology solution can be considered HIPAA compliant, but Microsoft provides one. In addition, Exchange Administrator Access Tracking can be turned on so the user can know which administrators have accessed which data.

As a result, OneDrive fulfills the access control obligation quite sufficiently.

Product details

Business Associate Agreement: Yes

HIPAA Compliant: Yes

Product description

OneDrive is a cloud storage service offered by Microsoft. It allows users to store files in the cloud and access them from anywhere in an instant.

Disclaimer:

Readers should perform their own research before making the final decision. The information on the JotForm HIPAA Compliance Checker does not constitute official healthcare or legal advice. JotForm is not liable for any damage or liabilities arising out of or connected in any manner with this platform.
