Can I use Airtable and be HIPAA compliant?

Can I use Airtable and be HIPAA Compliant? - Paubox

Since Paubox is a Business Associate to thousands of customers, we’ve been wondering if they are able to use Airtable in a HIPAA compliant manner.

In fact, we’ve noticed more vendors, customers, and prospects asking about HIPAA compliant services.

This is especially true now as we see an accelerated, long overdue adoption of digital transformation in healthcare.

We know the HIPAA industry is vast, so we can empathize with just how many people need to use cloud services in this sector.

Today we will determine if Airtable offers HIPAA compliant service or not.

Airtable

Airtable is a very popular cloud-based productivity tool that directly competes with Microsoft Excel and Google Sheets.

In a nutshell, Airtable is spreadsheet-database hybrid: It has the features of a database and the look and feel of a traditional spreadsheet.

The fields in an Airtable table are similar to cells in a spreadsheet, but have types such as checkbox, phone number, and drop-down list. It can also reference file attachments like images.

Users can create a database, set up column types, add records, link tables to one another, collaborate, sort records, and publish views to external websites.

What is a Business Associate?

A Business Associate is a person or company that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) for a Covered Entity.

In a nutshell, the role of a Business Associate is to help Covered Entities comply with the HIPAA Privacy Rule

Read full article: What does it mean to be a Business Associate?

Secure email for modern healthcare. Right out of the box.

Business Associate Agreement provisions

If a Business Associate provides services to a Covered Entity, then a Business Associate Agreement (BAA) must be in place.

A BAA is a written contract between a Covered Entity and a Business Associate and is required by law for HIPAA compliance.

At a minimum, a Business Associate Agreement contains 10 provisions.

Read full article: Business Associate Agreement Provisions

Airtable and the Business Associate Agreement

We’ve previously talked about how a Business Associate Agreement is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.

We checked Airtable’s site and found the answer we were looking for in the Product Suggestions section of Airtable Community.

On a Product Suggestion page called HIPAA Compliance, we found:

Can I use Airtable and be HIPAA Compliant? - Paubox



Katherine_Duh of Airtable:

HIPAA compliance is certainly something that we’re considering. We’d love to hear the specifics of how you would use Airtable if it were HIPAA-compliant!


We also checked their Privacy Policy and Terms of Service pages and could not find any mention of HIPAA, PHI, Business Associate Agreement, or Covered Entity.

Does Airtable Offer HIPAA Compliant Service?

The Business Associate Agreement is a key component to HIPAA compliance between a covered entity and a business associate.

Within a ten minutes, we concluded that Airtable is not currently in the business of providing HIPAA compliant service.

Conclusion:

Airtable is not currently HIPAA compliant.

Try Paubox Email Suite for FREE today.

About the author

Hoala Greevy

Founder CEO Paubox. Kayak fishing when I can.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport
EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport