If all the content added to Trello boards does not include protected health information, would it's use be HIPPA complaint? Could Trello access the information in emails or OneDrive files with this integration? What about the content added to Calendar appointments?
My client is a USA healthcare service provider that has HIPAA compliant requirement and had been using a industry specific CRM for several years. When the embarked on journey to explore the use of Trello, the have the basic not encrypted part of their Jotform created as a card with a link to the encrypted file in Google Drive under the name and Jotform submission ID. The information in Trello would be enough as it would for someone handling the necessary paperwork to provide services to their customers.
This part of the intake process had proven to work but the project did not quite take off for other non-Trello specific issues (at least in my opinion). In fact, they have work distributed to other department boards for work to be coordinated between them which were previously done entirely via emails between team members and external parties.
While I am not a HIPAA compliance expert, I had been in the systems integration business in my country for many years (earlier years) of my profession career and we had to handle sensitive patient data with great care. I doubt HIPAA would be much different as we used the base code for a USA healthcare solution and later SAP Healthcare.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.