Quip has stated that it enables HIPAA compliance and that a signed business associate agreement (BAA) is available for covered entities that use this cloud-based service for protected health information (PHI).
Quip, a cloud-based collaboration tool, uses innovative security controls and measures that appear to align with HIPAA compliance requirements. The system is fully encrypted and offers a variety of customizable privacy options to meet each organization’s unique compliance requirements.
Covered entities often pair Quip Shield with Salesforce to take their security to the next level. The combination allows users to collaborate using Salesforce data in a central space while their data is protected with critical security measures such as permissions, version history, and encryption.
These cloud-based tools offer security for protected health information (PHI), with technical, physical, and administrative safeguards designed to maintain compliance. Covered entities can build healthcare applications through Salesforce, knowing that Quip provides the security measures intended to protect PHI.
Quip has features that allow for data control and audits. Users can tailor the Quip platform based on their unique compliance and security needs. Key security features of Quip Shield include encryption of data in transit and at rest, granular administrative controls, access management, antivirus scanning, and real-time event logging. The option of a private, single-tenant cloud allows for better control of the network, including limits on geographical access.