Zoho Sprints HIPAA Compliance Guide
The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business Associates to take certain measures to protect health information that can identify an individual. It also provides certain rights to individuals. Zoho does not collect, use, store or maintain health information protected by HIPAA for its own purposes. However, Zoho Sprints provides certain features (as described below) to help its customers use Zoho Sprints in a HIPAA compliant manner.
HIPAA requires Covered Entities to sign a Business Associate Agreement (BAA) with its Business Associates. You can request our BAA template by sending an email to legal@zohocorp.com.
HIPAA compliance in Zoho Sprints
To ensure the security of your information, you can take the following actions in your Zoho Sprints account,
- Mark ePHI fields to distinguish their data
- Encrypt data entered into ePHI designated fields
- Administer roles and permissions to secure data
- Export audit trail to monitor operational activities
Marking ePHI Fields
You can mark a field as ePHI if it contains the health information of your customers or patients. To mark fields that contain personal health data,
- Navigate to Setup and click a module under Custom Layouts and Fields.
- Select the desired layout to edit it.
- Go to the respective custom field and click Edit
.
- Click Update and save the layout.
Marking the field as ePHI will automatically turn on the Encrypt field option. Nevertheless, you can turn it OFF manually (not recommended).
The following are the PII/ePHI supported fields in Zoho Sprints
| Field Name | PII/ePHI | Encrypt |
| Single-Line Text | Yes | Yes |
| Text Area | No | No |
| HTML | No | No |
| Check Box | No | No |
| Radio Button | No | No |
| Integer | Yes | Yes |
| Pick List | No | No |
| Multi-Select | No | Yes |
| Decimal | Yes | Yes |
| Date | No | No |
| Date and Time | No | No |
| URL | No | No |
| Email | Yes | Yes |
| User Pick List | No | No |
| Boolean | No | No |
| Percentage | Yes | Yes |
| Currency | Yes | Yes |
| Lookup | No | No |
| Formula | Yes | Yes |
Encrypting ePHI Field Data
ePHI stands for Electronic Protected Health Information. Fields that contain ePHI can be encrypted for additional security. Though field encryption is not a mandatory step in Zoho Sprints, we strongly recommend you enable encryption so that your data will be stored in our DB with encryption. In case you’d like to know more about the certifications, click here.
Administering Roles and Permissions
Profiles on Zoho Sprints lets you define permissions. You can tightly control who in your organization has access to what information.
Exporting Audit Trial
Zoho Sprints stores the audit logs—that is, information about addition, update, and deletion made to your database records—in the back end. We have provided an option to export this data, which can be done using the Export Data option under Audit Log.
Other Security Related References for Zoho Sprints
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Zoho Sprints GDPR Compliance
Data privacy and security are the core elements that every business should guarantee its customers with. Keeping this in mind, the European Union's General Data Protection Regulation (GDPR) came into discussion. It enforces all the businesses across ...Zoho Sprints Quickstart Guide
Zoho Sprints is a project management tool that functions on the principles of Agile Scrum methodology. Here, each project is divided into multiple phases. Each phase comprises select work items for the team to complete. When those work items are ...Introduction to Zoho Sprints API
Zoho Sprints APIs use Oauth 2.0 framework for authorization and authentication. They are REST based and will help you manage your data in Sprints with ease. You will be able to integrate with other Zoho applications and third-party applications using ...Guidelines to follow while closing your Zoho Sprints account
When you're permanently closing your Zoho Sprints account, you need to do the following for the security and privacy of your data. Take a backup Click the gear icon. Click Account Settings from the left panel. Select Backup. Click Yes in the pop-up. ...Zoho Sprints Data Deletion Process
Delete Sprints Workspace You can delete your Zoho Sprints workspace. When you delete the Sprints workspace, PII data will be deleted immediately and the team will be scheduled for the data cleanup process and it cannot be recovered. Inactive ...
New to Zoho LandingPage?
Zoho LandingPage Resources