No, Quickbooks is not HIPAA compliant. Even though Quickbooks Online meets industry security standards, the security measures do not comply with HIPAA privacy requirements.
Some medical clinics use Quickbooks for summarizing revenue and sales receipts. This tool can be a powerful way to track revenue by company, insurance, or even patient category. But you need to be sure that the information does not fall under the classification of “protected health information” (PHI).
For example, you shouldn’t use Quickbooks for patient demographic data, information about physical or mental health conditions of patients, health care services offered to each person, or payment for medical services. According to the US Department of Health and Human Services, medical practitioners shouldn’t use non-compliant software services for the above information if there is “a reasonable basis to believe it can be used to identify the individual.”
Another reason why Quickbooks is not HIPAA compliant is that the company won’t sign a Business Associate Agreement (BAA).
If you are in the healthcare industry and use Quickbooks, you should not use “individually identifiable health information” with this software. This information is best secured using HIPAA-compliant medical billing software.