I need to transfer data from Jotform to Salesforce and thought I could use Zapier, but it looks like I’ve hit a roadblock, per this page https://zapier.com/help/account/data-management/data-privacy-at-zapier
Hi
Count us out too. We have very big campaigns to automate for and HIPAA compliant tools are the only way we will. Does anybody have an alternative to Zapier that is HIPAA compliant?
Your only viable option is pretty much having an integration built between the two (or more) respective applications using their API’s you wish to integrate. We only use Zapier for non-HIPAA related matters, and even then due to Zapier costs and limitations in delays in tasks, some integrations a better done ourselves via those respective API’s.
Count us out too. We have very big campaigns to automate for and HIPAA compliant tools are the only way we will. Does anybody have an alternative to Zapier that is HIPAA compliant?
It appears that with Zapier, most components if not all of the required and even most addressable requirements under HIPAA Security Rule are met.
https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html#standard
Any organization dealing with ePHI should also carefully consult with an attorney who understands software/tech and HIPAA/HITECH regulations.
All technical requirements aside, Zapier must also offer to execute Business Associate Agreements as well-- which they do not. Users should not believe that they can be HIPAA compliant on the simple basis that Zapier is not providing any “guarantee” and that the User would be fully responsible, as the requirement for a BAA is a clear requirement in order to meet the standards under HIPAA/HITECH.
Additionally, if Zapier was to learn you are using the system to handle ePHI, it would automatically have obligations as outlined by federal law, which likely would mean it would have no choice but to suspend your services and make a report of the violation to the Office of Civil Rights for the US Dept. of Health and Human Services.
The lack of Zapier (or any vendor for that matter) not signing a BAA and not officially allowing their system for use with ePHI, does not mean they are completely resolved of obligations under the law should they become aware of it’s use with ePHI.
Hey there,
Any updates on this
am going to have to leave and love Zapier !
Thanks
Hi there,
Pls add my vote as well.
Hey there
I also work at a health tech startup that would use Zapier, that would benefit a lot if you were HIPAA compliant. Please add my vote to this thread.
Hi there,
+1000
Currently I can only use Zapier in a very limited fashion due to it lacking HIPAA compliance. Don’t make me switch! Some sort of official statement on Zapier’s plans would be most helpful.
Thanks for reaching out,
Zapier,
Is there an update on HIPAA compliance certification? If not, please add my vote to the list.
Thank you,
William
Thanks for outlining your use case so clearly,
Dr. Case:
I don’t know Zendesk or Fax.plus specifically but there are ways around this issue of using Zapier involving HIPAA compliant.
The primary things to understand are:
- don’t send HIPAA compliant data to Zapier; that is, make sure there are no personal identifiers in the data that would make it HIPAA compliant
- if you send data to Zapier, “tag it” with a number (i.e., submission ID) that you will use later to match up with the HIPAA compliant data once it is back in your HIPAA compliant system
- that should do it!
Happy Holidays!
As one of the many new healthcare tech startups flooding the market, I’ll mention my use case: As a healthcare provider, I need a HIPAA compliant fax service. Zendesk for enterprise, which is HIPAA compliant, is our front end, but has no fax features. I signed up Fax.plus, and would love to use Zapier to integrate it with Zendesk, but activating the HIPAA compliance features of Fax.plus turns off integration with Zapier.
Hey
I’m happy to confirm that your votes have been added for Zapier to become HIPAA compliant. :)
Sure I cast a paper ballot and you can count it twice!!
Yes you have my vote for HIPAA compliance.
Can we add a vote for us as well… Seems like a highly requested feature to be lacking.
Here is your work around on this issue; correct Zapier is not Hipaa compliant. You can connect your JotForm to Google Sheets and this is Hipaa compliant. Call this Google Sheet #1. Create a second Google Sheet #2 with a simple important range / query function leaving out the personal identifiers or PHI. Send the information from the JotForm (which has a unique identifier) and Google Sheet #2 back to Zapier utilizing the Submission ID as the unique identifier. When Zapier is done with the data send it back to Google Sheet #3 and use the Submission ID to query the PHI data and personal identifiers from Google Sheet #1.
We use these tools and in essence we never have PHI data travel with Personal identifiers.
Hope that helps!
Hey
No update to share on this at the moment, unfortunately. I’ve passed on your comments and vote for Zapier to become HIPAA compliant. We’ll be touch via email with any updates!
Hi
Any update on this . We are UK based and use Zapier for all our processes we are expanding internationally and I am disappointed to see it is not HIPAA compliant which will be essential for us
thanks
Hi
Add me to the list, too, please. We're a Zapier partner and this is what many of our customers need to properly roll out zapier in an enterprise environment.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.