Is Datadog HIPAA compliant?

Is Datadog HIPAA Compliant? - Paubox

Healthcare IT professionals must employ effective monitoring and security of a company’s network. Datadog could be a tool to help with that goal. But is it compliant with HIPAA security standards?

What is Datadog?

Datadog is a monitoring and analytics tool for cloud-scale applications. It helps organizations monitor servers, databases, and manage log data.

Does Datadog have a business associate agreement?

The first hurdle a covered entity needs to pass is ensuring that a business associate is protecting electronic protected health information (ePHI). To receive this confirmation, both parties must sign a business associate agreement (BAA).

A BAA will outline the responsibilities of both parties in securing ePHI and keeping it safe from unauthorized users. The BAA will make sure that a business associate is implementing the necessary safeguards required by the HIPAA Security Rule.  

If you are an organization that transmits ePHI, Datadog will sign a BAA. There is one catch. Datadog’s BAA is only applicable to its log management and security monitoring products. All of the other products are not eligible for a BAA, and therefore, not HIPAA compliant.

What is Datadog’s data security?

Data security features can range from the necessities to all of the bells and whistles. Datadog implements a few different tactics to ensure HIPAA compliance, including:

  • Maintaining SOC 2 Type II compliance
  • Encrypting data in transit with Transport Layer Security (TLS)
  • Rendering data inaccessible if encryption is interrupted
  • Supporting two-factor authentication
  • Monitoring and logging data access 
  • Supporting customizable threat detection rules
  • Not allowing HIPAA compliant users to request support via chat

You can read a full list of security features by clicking here. Covered entities need to configure settings to ensure HIPAA compliant when working with Datadog.

Is Datadog HIPAA compliant?

Yes, some Datadog products can be HIPAA compliant.

A covered entity can only use Datadog’s log management and security monitoring software since those are the only products covered under a BAA.

Don’t forget to protect your email

HIPAA compliant email continues to be a top priority in ensuring the protection of ePHI. Safely sending sensitive data in emails is easy with Paubox Email Suite

Paubox is easy for your employees to use since it easily integrates with platforms like Google Workspace and Microsoft 365. It automatically encrypts all emails the user sends, and it arrives directly in a patient’s inbox. No need to use patient portals or third-party apps to safely communicate with your patients. 

Paubox is dedicated to providing the latest email security technology. Not only can Paubox stop email threats like spam and malware from entering your inbox, but we’ve also recently added a zero trust feature for our Plus and Premium customers. Zero Trust Email is an extra layer of protection to ensure that emails are genuine and not phishing emails.

A BAA is included in all plans, so you can rest assured that Paubox will continue to protect ePHI that your company sends in emails.

Try Paubox Email Suite for FREE today.

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader