Whether Zoho enables HIPAA compliance is unclear, so it’s important for covered entities to use caution before using Zoho for PHI.
Zoho’s website provides limited information about HIPAA compliance. Even though its tools aren’t for healthcare entities specifically, many of the security features may meet HIPAA requirements.
These cloud-based services are comparable to those in Office 365 and Google Workspace, with solutions for word processing, custom applications, project management, live chat, app integration, and an IoT management platform.
The company offers technical, physical, and administrative safeguards for all services, but there are questions about whether these privacy features are sufficient for HIPAA regulations.