HIPAA Compliance with Zoho Writer

INTRODUCTION

The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also provides certain rights to individuals. Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes. However, Zoho Writer provides certain features (as described below) to help its customers use Zoho Writer in a HIPAA compliant manner.

HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with its Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com.

Zoho Writer, as a part of the Office Suite from Zoho WorkDrive, provides all the HIPAA compliance features available in WorkDrive.

HIPAA compliance in Zoho Writer

Zoho Writer provides the following features for all the users to use Zoho Writer in a HIPAA compliant manner.

Document Content
Control access for collaborators
Auto file backup
Track changes
Publish with restrictions
Data Encryption
Data Privacy and Security

Document Content

The content written inside the Writer document including the comments will be considered as ePHI.

Control access for collaborators

User specific permission > Share files with individual colleagues or a group of collaborators while retaining control of your document. Permission levels can be set as follows; Read Only, Read/Comment, Read/Write, Co-owner or Read/Fill.

CheckOut/CheckIn > At any point, as the document owner, you can use the Pause Collaboration feature to lock the document completely; then, when you're ready for the next round of feedback, you can resume collaboration.

Lock/Unlock and Mask Content > You can lock the sensitive part of a document so that it is not altered by other collaborators. You can lock selected or unselected content based on your preferences. While collaborating on a document, you can also choose to conceal a piece of content you think is too sensitive to be shared as such.

Review the collaborators status in the document > You can view the status of each collaborator and see who has viewed, yet to view, or is active in the document.

Get notified for changes and comments > Writer notifies you of the changes made and comments inserted to the document via e-mail.

Notify collaborators of the changes > With just a short message, you can update single or multiple collaborators about the changes and avoid sending multiple emails.

Auto file Backup

Version History > Version history helps you keep track of all of the edits that were made in your document. You can see what has changed over time, easily.

Track Changes

This allows you to keep track of all changes that are made by you or the collaborators inside the document. Document copy/export operations will be tracked in the Audit Trail. The Audit Trail will be available forever until the Org/Team is deleted.

Publish with restrictions

You can publish documents inside or outside your organization from Writer. When you publish a document, a link will be generated which you can use to share your document and embed it in websites or blogs.

Data Encryption

Data is encrypted during transit and encryption at rest by default for content written in Zoho Writer. The data encryption details at Zoho are available here.

Data Privacy and Security

Data privacy and data security are two sides of the same coin. Therefore, we have brought in extra measures to secure your data and keep it private.

Password protection for files that are exported: You can choose to protect the data that is exported using a password. This way you will be able to restrict the unauthorized access to the information in the exported files.