The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also provides certain rights to individuals. Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes. Zoho LandingPage provides features to help its customers use landing pages in a HIPAA compliant manner. HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with its Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com. Zoho LandingPage provides the following features and controls that allow administrators to implement a website in a HIPAA compliant manner for their organization.

Secure Socket Layer (SSL) establishes an encrypted link between the web server and a web browser. It provides encryption in transit. With Zoho LandingPage, business owners can install their own SSL Certificates or purchase one from 'let's encrypt' for free. SSL protocol provides encryption, authenticity, and integrity for your landing pages. Documents such as web pages from an HTTPS website secured by an SSL certificate have their integrity verified by an encrypted hash contained in the digital signature, which is independently computed by the browser before trusting the document. The data cannot be intercepted and manipulated by a malicious third party while in transit without the browser detecting the issue and alerting the user.