Sharepoint states that it enables HIPAA compliance. This service uses both technical and administrative protections to comply with HIPAA regulations.
Sharepoint has stated that it provides necessary administrative and technical features to meet HIPAA requirements. Some of these features include access control for users, audit control, logs, and encryption. Threat awareness resources make it easy to access real-time reports about information access and usage.
Sharepoint is a Microsoft service. The Microsoft website states that Sharepoint online enables HIPAA compliance when paired with Office 365 Enterprise. While Microsoft ensures it meets its responsibilities as a business associate, users are responsible for configuring the platform correctly.
A variety of security add-ons are included for Office 365 Enterprise users, such as advanced threat protection, security management, advanced compliance, and threat intelligence. Licensing includes anti-malware, Windows Defender, Cloud App Security (CAS), Azure AD Identity Protection, Azure Security Center, Azure Advanced Threat Protection, and more.
If you configure and use Sharepoint correctly, this service can be a HIPAA-friendly solution for information storage, management, and collaboration.