Best answer

Why isn't HIPAA compliance supported?


Userlevel 3
Badge

I need to transfer data from Jotform to Salesforce and thought I could use Zapier, but it looks like I’ve hit a roadblock, per this page https://zapier.com/help/account/data-management/data-privacy-at-zapier

icon

Best answer by nicksimard 9 May 2020, 01:50

View original

This post has been closed for comments. Please create a new post if you need help or have a question about this topic.

44 replies

Userlevel 7
Badge +7

Even though Zapier doesn’t claim HIPAA compliance, they secure the system very well and with their best effort. They do not claim this probably because that would mean they would have to deal with certain certificates, audits, whatever.

Because of that, it’s completely your choice and actions to making it “HIPAA” compliant with policies of usage you setup yourself. I don’t have experience with HIPAA, but this would be your own choice.

Maybe @Danvers can say if something like this is on the feature request list.

~Bjorn

Userlevel 7
Badge +11

Mod Edit: 03-21-2022


Hi @kbeisly!

I see that you’ve found Zapier’s official public-facing statement on data privacy. It’s definitely something that other users have asked for, and I’ve added your vote for it. I don’t have anything resembling a timeline for if/when that will be supported, however. 

As @ForYourIT pointed out, we do take the security of your data seriously. On that same page that you linked to, you can see some of the technical details. But we can not claim HIPAA compliance, since the use of regulated healthcare and medical data like HIPAA is not supported on Zapier. You can read more about this information here: Can I use Zapier with healthcare/medical data? And/or, will you sign my company’s BAA?

How do I add my vote?

Userlevel 7
Badge +8

Hi @Chris Topinka - I have added your vote! You will be contacted via email should we have an update. 

Let us know if you have any additional questions!

Please add my vote for Zapier setting up a process to becoming HIPAA compliant.

Userlevel 7
Badge +12

Hi @IHC_IT - thanks for your message, I’ve added your vote for that 🙂

I would like to be added to that vote as well too. Thank you.

Userlevel 7
Badge +8

@LeahtheHealthcareOBM I have added your vote!

I agree, tray io is Hipaa compliant but doesn’t have as many connectors,

Microsoft flow ditto - and I love what that platform and connectors can do!

Zapier needs to look at the competition and invest in HIPAA compliance or they will lose out. It has more connectors at present but lack of HIPAA means it can’t be used for many businesses.

Userlevel 7
Badge +11

Hi @Ricardo111!

Totally understand where you (and the others above) are coming from and I’ve added you to the list of folks looking for HIPAA compliance. I added your exact feedback for the product team to review :)

 

Can you add my vote as well? I’m a huge fan of Zapier, but the lack of HIPAA compliance creates a major barrier to us using it in any significant way. 

Thanks!

Userlevel 7
Badge +11

Hi @lawbarker!

I’ve added your voice to that request as well! 

We are working on integrating into Zapier and have been embedded the last 18 months in one of the largest, most respected healthcare systems validating numerous use cases. There definitely is a change going on in healthcare with things like SMART on FHIR and having a platform like Zapier accessible in this environment will add enormous value to both the healthcare system and Zapier. Please add my vote. 

Userlevel 7
Badge +8

@jeffbonasso-ambifi thank you for sharing your specific use case and context. I have included this information and added you to this request. 

Hi - please add my vote as well. Healthcare has been transitioning to be more virtual but has RAPIDLY accelerated since COVID. Companies that support the healthcare industry want to easily connect to the tools used by everyone else out there who doesn’t need to maintain HIPAA compliance...without dedicating internal developer resources. Zapier becoming HIPAA compliant would be a huge benefit.

Please add my vote as well. Thank you!

Userlevel 7
Badge +11

Hi @John123!

I’ve added your vote for this request as well!

I'd also like to add my vote...

Userlevel 7
Badge +12

Thanks for your message @Nicolette I’ve let our team know that you would like to see Zapier become HIPAA compliant.

Add me to the list, too, please.  We're a Zapier partner and this is what many of our customers need to properly roll out zapier in an enterprise environment. 

Userlevel 7
Badge +12

Hi @casebookbrian, thanks for your reply. I’ve shared your thoughts with the team and added you as an interested user. Thanks!

Hi

Any update on this . We are UK based and use Zapier for all our processes we are expanding internationally and I am disappointed to see it is not HIPAA compliant which will be essential for us 

thanks

Userlevel 7
Badge +11

Hey @Solas, welcome to the Community! :)

No update to share on this at the moment, unfortunately. I’ve passed on your comments and vote for Zapier to become HIPAA compliant. We’ll be touch via email with any updates!

Userlevel 3
Badge +3

Here is your work around on this issue; correct Zapier is not Hipaa compliant.  You can connect your JotForm to Google Sheets and this is Hipaa compliant.  Call this Google Sheet #1.  Create a second Google Sheet #2 with a simple important range / query function leaving out the personal identifiers or PHI.  Send the information from the JotForm (which has a unique identifier) and Google Sheet #2 back to Zapier utilizing the Submission ID as the unique identifier.  When Zapier is done with the data send it back to Google Sheet #3 and use the Submission ID to query the PHI data and personal identifiers from Google Sheet #1.  

We use these tools and in essence we never have PHI data travel with Personal identifiers.

 

Hope that helps!

Can we add a vote for us as well… Seems like a highly requested feature to be lacking.