Is Zoho HIPAA compliant?

Not yet as we know because they have not stated that they are HIPAA compliant, but Zoho is working on HIPAA compliance. The company's stance on HIPAA compliance is unclear, so it’s important for covered entities to use caution before using Zoho for PHI.

Zoho’s website provides limited information about HIPAA compliance. Even though its tools aren’t for healthcare entities specifically, many of the security features may meet HIPAA requirements.

These cloud-based services are comparable to those in Office 365 and G Suite, with secure solutions for word processing, custom applications, project management, live chat, app integration, and an IoT management platform.

The company offers technical, physical, and administrative safeguards for all services, but there are questions about whether these privacy features are sufficient for HIPAA regulations.

Zoho is willing to sign a Business Associate Agreement (BAA), but the company clearly states that its apps aren't built for the healthcare industry. Responsibility for compliance remains with the customer.

For now, covered entities should check with Zoho for specific security features and updates on each of the available tools.

Product details

Company Logo

Business Associate Agreement


HIPAA Compliant



CRM Services

Product description

Zoho provides web-based tools and cloud applications for email, word processing, presentations, spreadsheets, databases, web conferencing, customer relationship management, and more.


Readers should perform their own research before making the final decision. The information on the Jotform HIPAA Compliance Checker does not constitute official healthcare or legal advice. Jotform is not liable for any damage or liabilities arising out of or connected in any manner with this platform.

If you see any incorrect, incomplete or inaccurate information, please request correction by filling the form below.

Request Correction