HIPPA Compliance

Does smartsheets meet HIPPA Compliance?


  • Mike L.
    Mike L. ✭✭✭

    This is an excellent question. It can be but the default is not compliant. You should assume it is NOT unless your organization has met with them, there were internal IT audits and your company signed appropriate agreements. In other words you never want to upload PHI into Smartsheet unless you know that your company's instance of Smartsheet is HIPAA compliant.

    If I uploaded PHI into Smartsheet I would expect to be fired. I wouldn't do it unless i had a signed letter from my company and even then I would check and re-check before moving forward. That said I know that my organization's smartsheet is not HIPAA compliant. I heard there were discussions but that no agreements are currently in place.

  • Mike,

    Thanks for the insight. Apparently there must be a business associate agreement in place between smartsheets and "said company" to implement all the correct measures.