HIPAA compliant?

January 25, 2018

Is your hardware HIPAA compliant?

We would like to go with DO; however, we would like to know if it is HIPAA compliant.

Also, do they sign a BAA agreement?

3 Answers

DigitalOcean is not specifically HIPAA compliant, nor HITECH Certified, although they will sign a BAA. Current DigitalOcean certifications include:

DigitalOcean Certifications

  • ISO/IEC 27001:2013 Certification
  • EU-U.S. and Swiss-U.S. Privacy Shield Certification

Datacenter Colocation Attestations and Certifications

  • 6/12 Datacenters = SOC 1 Type II
  • 10/12 Datacenters = SOC 2 Type II
  • 8/12 Datacenters = ISO/IEC 27001:2013
  • 8/12 Datacenters = PCI-DSS

You can see specific Datacenter Colocation Attestations and Certifications here.

If you require a HIPAA compliant host, I’d recommend reviewing this article.


A quick update on this question:

We will sign Business Associate Agreements, and certainly believe we fulfill all of the obligations under the Security and Privacy Rules (and well beyond).

