I am a health provider and have some concerns about sharing my emails with Hubspot CRM. How can I ensure that Hubspot CRM is HIPPA compliant? I need to be able to protect my patient's health information including their emails and other demographic information. Also, often I will receive sensitive health information from my patients and I cannot afford a lawsuit if your company fails to protect my patient's privacy for any reason. What assurance can you provide that you will be held just as liable as I am for any breaches of security?
If this is the case, I would give up all hope. It has been requested for many years now. It's not a priority, and suspect it never will be. Single-tenancy infrastructure is more expensive, and the fines for failing to safeguard this kind of patient information are generally astronomical.
Personally, I think it should just be front and center that they don't wish to deal with clients that are required to safeguard this kind of information.
I can confirm that there haven't been any changes and Clause 2.9 of our TOU still applies here:
"The Subscription Service is not designed to comply with industry-specific regulations such as the Health Insurance Portability and Accountability Act (HIPAA) or the Federal Information Security Management Act (FISMA), so you may not use the Subscription Service where your communications would be subject to such laws."
I, however, wanted to share this article which provides some guidance and advice.
I see, I'm sorry to hear that and I apologize for the negative business impact his might have caused. Please let me know if there's anything else I can help with!