DocuGen offers optional compliance with Health Insurance Portability and Accountability Act (HIPAA) to customers who expect to generate documents containing personal health information (PHI). Please read the information below and submit your HIPAA compliance request using the form at the bottom.
How DocuGen ensures compliance with HIPAA
Our services are designed to be compliant with the HIPAA rules and standards, including secure encryption of customer information that may contain health information at rest, in transit, and during processing (such as while generating a document).
We have data protection policies, including regular employee training, which guide our team in how to keep protected data secure.
In addition, we maintain Business Associate Agreements (BAA) with our subcontractors and sub-processors who may handle on our behalf customer information containing PHI, including our hosting provider (AWS) and our email provider (Google.) For subcontractors and sub-processors who are unable to offer HIPAA compliance or a BAA, we make sure not to process any PHI through them.
If you wish to opt-in DocuGen’s HIPAA compliance, you must be on an Enterprise plan (1,000 monthly documents or above). Free, Basic, and Standard Plans don’t qualify for HIPAA compliance.
In addition, you must have a BAA in place with monday.com. Because DocuGen runs on top of monday.com and uses monday.com APIs to access your data (potentially including PHI), our BAA is not valid unless your monday.com BAA is active and valid at all times.
How to opt-in DocuGen HIPAA compliance
In order to sign up to DocuGen’s HIPAA compliance, please fill out this form.
As part of your opt-in, you will be requested to do the following:
- Sign the DocuGen BAA
- Confirm that you have an active BAA with monday.com
- Ensure that you disable the options to email documents generated by DocuGen from the Settings tab of all your DocuGen views, specifically “Send as an email attachment” and “Send to email column”. Since we don’t currently have a way to enforce this from our side, we request that you disable this option through the DocuGen interface as explained here.
Got more questions? Feel free to reach us at email@example.com