Is Acquia HIPAA compliant?

Is Acquia HIPAA Compliant? - Paubox

Covered entities have a responsibility to ensure that patient data is protected. This also includes any data that your website may acquire. That’s why it’s so important to choose a HIPAA compliant web hosting provider since many of them don’t implement the proper safeguards.

One of these options includes Acquia, so let’s take a look at the platform and determine if it’s HIPAA compliant.

What is Acquia?

Acquia is a digital experience platform with a suite of products that help you build, host, and manage Drupal-based websites. Drupal is an open-source project, which means security isn’t always the best quality. However, Drupal can be HIPAA compliant if a web hosting company covers the HIPAA security requirements. 

READ MORE: How to Make Sure You Have a HIPAA Compliant Website

Is Acquia HIPPA compliant?

Acquia claims on its website that “The Acquia Cloud Platform meets the requirements of the HIPAA Security Rule and HITECH for electronic Protected Health Information (ePHI).” The platform has several security features, including:

Covered entities must also be sure to obtain a business associate agreement (BAA) from all business associates. The BAA covers the responsibilities of the business associate when handling ePHI.

If a business associate is not willing to participate in a BAA, it is automatically not in compliance with HIPAA.

Acquia makes no mention of BAAs on its website, including in its “Subscription and Services Agreement” and “Terms of Services” pages.

Conclusion

Acquia may have the security features to be considered HIPAA compliant, but we could find no mention of signing a BAA.

Acquia is not HIPAA compliant without BAA documentation.  We recommend that healthcare providers confirm with Acquia whether or not the company will indeed sign one.

READ MORE: HIPAA Compliant Email: the Definitive Guide

Try Paubox Email Suite for FREE today.

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport
EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport