Google Workspace is HIPAA compliant with some minor modifications, and recently Gemini for Google Workspace, Google’s AI add-on for Workspace, was confirmed to be HIPAA compliant.
The Health Insurance Portability and Accountability Act (HIPAA) protects private health information by making sure that organizations that collect healthcare data follow specific rules under the Act. Specifically, it governs how that data is digitally stored and transmitted.
Google Workspace has been HIPAA compliant with some minor changes to its settings for a very long time. In fact, many of our clients at UpCurve Cloud are healthcare organizations or businesses, and we’ve made sure that all of them are in compliance with HIPAA - at least when it comes to Google Workspace.
How to make Google Workspace HIPAA compliant
Step one to ensuring HIPAA compliance is signing a Business Associate Agreement with Google. This agreement asserts that the Google client will modify their Google Workspace settings and practices to handle Personal Health Information (PHI) properly under the Act. Generally, HIPAA is designed to make sure that PHI is not shared with anyone who shouldn’t have access to it.
From there, you’ll want to go through the Google Workspace and Cloud Identity
HIPAA Implementation Guide, created by Google, to make sure all the right settings are turned on or off and the right data policies are in effect in your organization.
Once the agreement is signed and the guide has been followed, specific Google Apps have HIPAA Included Functionality, which means that they are considered to be in compliance with HIPAA. Here is a full list of the apps with this functionality. Apps without this functionality can be removed from use by your admins if desired.
Although this work can be done in-house, UpCurve Cloud has extensive experience with the process and can set up your team more efficiently. Partnering with a third party saves time and ensures the job is done correctly, giving you peace of mind.
Gemini for Google Workspace is now HIPAA compliant
Gemini for Google Workspace is the biggest upgrade to Workspace since it was launched. With Gemini, your team can take advantage of AI to power tasks such as writing emails, creating videos, creating first drafts of important documents, and automating low-level tasks. Recently, it was certified to be HIPAA compliant, along with a number of ISO certifications.
Google also recently announced that Gemini for Google Workspace is now SOC 1 compliant, where it already already SOC 2 and SOC 3 compliant.
What else should I be doing to ensure compliance?
HIPAA is enforced by the U.S. Department of Health and Human Services, and it has included case studies for various types of healthcare businesses and organizations on its website. Find the category you fall under and follow the guidance for that category. There is much more to consider when dealing with PHI, including online tracking applications and overall cybersecurity at your organization.
Are you interested in Gemini for Google Workspace to improve productivity at your healthcare organization, or ensuring that your Google Workspace installation is HIPAA compliant? Contact us today to find out how we can help you. As one of the largest implementers of Gemini for Google Workspace in the U.S. and one of the most experienced with HIPAA, we’re the ideal Google Partner for healthcare.
Contact Us to Learn More about Transforming Your Business