HIPAA Compliance Guide for Zoho Solo

The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach Notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA") requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also provides certain rights to individuals. Zoho Solo does not collect, use, store or maintain health information protected by HIPAA for its own purposes. However, Zoho Solo provides certain features to help its customers use Zoho Solo in a HIPAA-compliant manner.

HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with their Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com.

ePHI

Any data in Solo that has health information is classified as ePHI. This includes the contacts you add, the tasks you create, the expenses you log, and the invoices you generate.

- Business Information: Details collected during onboarding.
- Contact data: Information added when adding a customer.
- Project data: Task or job added and the timer details.
- Finance data: Expenses recorded, invoices generated for payments, and payment account related details.
- Notes: All notes created.



The event title and description in contacts and tasks are not considered ePHI and are not encrypted.
If you need any data to be encrypted, you can reach out to us at support@zohosolo.com, or at support@eu.zohosolo.com for the EU region.

Audit Trail

The audit trail allows you to keep track of your activities in Zoho Solo: how many entities are added, with whom the entities are shared, and so on. You can access this through the Activity Log, which lets you monitor actions and export data whenever needed.

As the sole user of your Zoho Solo account, you have full control over your data, with no role or permission allocations.