Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

Is Monday.com a HIPAA compliant cloud service?

Picture of Hoala Greevy Hoala Greevy May 16, 2020

HIPAA Compliance
Is Monday.com a HIPAA compliant cloud service?

Since Paubox is a Business Associate to thousands of customers, we’ve been wondering if they are able to use Monday.com in a HIPAA compliant manner. In fact, we've noticed more vendors, customers, and prospects asking about HIPAA compliant services. This is especially true now as we see an accelerated, long overdue adoption of digital transformation in healthcare.

We know the HIPAA industry is vast, so we can empathize with just how many people need to use cloud services in this sector. Today we will determine if Monday.com offers HIPAA compliant service or not.

 

Monday.com

Monday.com is a team management platform that connects people to workplace processes and tools. Monday.com was started by 2010 by Wix as an internal tool. Two years later, it was spun out of Wix as a separate company. The company has offices in New York and Tel Aviv.

 

What is a Business Associate?

A Business Associate is a person or company that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) for a Covered Entity. In a nutshell, the role of a Business Associate is to help Covered Entities comply with the HIPAA Privacy Rule.

Read full article: What does it mean to be a Business Associate?

 

Business Associate Agreement provisions

If a Business Associate provides services to a Covered Entity, then a Business Associate Agreement (BAA) must be in place. A BAA is a written contract between a Covered Entity and a Business Associate and is required by law for HIPAA compliance. At a minimum, a Business Associate Agreement contains 10 provisions.

Read full article: Business Associate Agreement Provisions

 

Monday.com and the Business Associate Agreement

We checked the Monday.com site for mention of their ability to sign a Business Associate Agreement (BAA). We found the following pages:

 

From these pages, we can see that:
  • Customers are not allowed to store sensitive information like protected health information on Monday.com unless a BAA is signed
  • Monday.com will only sign a BAA for enterprise plans with 25 users or more
  • The Monday.com Business Associate Agreement is available online for review

 

See Also: Is Asana a HIPAA Compliant Cloud Service?

 

Does Monday.com offer HIPAA Compliant Service?

The Business Associate Agreement (BAA) is a key component to HIPAA compliance between a Covered Entity and a Business Associate. We were able to learn the following about Monday.com about their ability to be considered a HIPAA compliant solution:
  • Monday.com is willing to sign a BAA with its customers, as long as an enterprise plan of 25 users or more is chosen
  • Their BAA is available online for review

 

Conclusion: Monday.com is a HIPAA compliant project and team management service. Make sure you have the correct plan to qualify.

 

Try Paubox Email Suite for FREE today.
Start for free

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.