Yes, Quip is HIPAA compliant. Also, a signed business associate agreement (BAA) is available for covered entities that use this cloud-based service for protected health information (PHI).
Quip, a cloud-based collaboration tool, uses innovative security controls and measures that align with HIPAA compliance requirements. The system is fully encrypted and offers a variety of customizable privacy options to meet each organization’s unique compliance requirements.
Covered entities often pair Quip Shield with Salesforce to take their security to the next level. The combination allows users to collaborate using Salesforce data in a central space while their data is protected with critical security measures such as permissions, version history, and encryption.
These cloud-based tools offer security for protected health information (PHI), with technical, physical, and administrative safeguards to maintain compliance. Covered entities can build healthcare applications through Salesforce, knowing that Quip provides the security measures needed to protect PHI.
Quip is secure out of the box, with features that allow for data control and audits. Users can tailor the Quip platform based on their unique compliance and security needs. Key security features of Quip Shield include encryption of data in transit and at rest, granular administrative controls, access management, antivirus scanning, and real-time event logging. The option of a private, single-tenant cloud allows for better control of the network, including limits on geographical access.
A signed business associate agreement (BAA) is available for covered entities using Quip for PHI. This BAA covers Quip Starter, Quip Enterprise, Quip Mobile, Quip Virtual Private Cloud, Quip for Salesforce, and the Quip Live App.