The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law
that established data privacy and security requirements for certain entities and individuals
aimed at safeguarding individuals' health information.
HIPAA mandates privacy and security protections for protected health information (PHI) and
applies to individuals and entities that meet the definition of “covered entities” or
“business associates” under HIPAA.
See more details about Google Cloud Platform compliance with HIPAA
and G Suite compliance with HIPAA.
Google Cloud products that can be used by customers subject to HIPAA:
Customers who are subject to HIPAA and want to utilize any Google Cloud products in
connection with PHI must review and accept Google's Business Associate Agreement (BAA).
Not all Google Cloud products are designed to comply with HIPAA and only certain specified
products are covered under the BAA. Google ensures that the Google products covered under
the BAA have completed the ISO and SOC certifications.