“Is Hubspot HIPAA compliant?” is another very frequent question we hear at the agency. Hubspot has built a legendary brand. I don’t think there is a single marketer in this country who has not worked with Hubspot, has not attended at least one local Hubspot lunch and learn, and has not seen “Hubspot knowledge” as a requirement on a marketing job description.
Hubspot has served nearly every industry and nearly every business size. Healthcare is not an exception. Small practices and large hospitals, all have heard of Hubspot, but few can answer the question “Is Hubspot HIPAA compliant?”
Let’s cut to the chase: Hubspot is not HIPAA compliant. In their publicly available Terms of Service, they state:
The Subscription Service [Hubspot] is not designed to comply with industry-specific regulations such as the Health Insurance Portability and Accountability Act (HIPAA) or the Federal Information Security Management Act (FISMA), so you may not use the Subscription Service where your communications would be subject to such laws. You may not use the Subscription Service in a way that would violate the Gramm-Leach-Bliley Act (GLBA). Nothing contained in this section limits the usage restrictions specific to Sensitive Information under the Agreement.
I would like to emphasize the phrase ‘you may not use Hubspot where your communications would be subject to such laws [HIPAA]’.
The verdict is clear: Hubspot is not HIPAA compliant, and they specifically forbid the use of Hubspot for projects requiring such compliance.
If you ask me why earlier I said that Hubspot serves healthcare industry as well, it’s because not every clinic or physician is subject to HIPAA (more on this in my previous post “Do I Need HIPAA Compliant Marketing?”). And frankly, there are some organizations that simply did not read the fine print and are not aware that Hubspot is not HIPAA compliant. If you know some of them, make sure to send them a link to this post because I am about to share what to do when you need a robust HIPAA compliant CRM and HIPAA compliant marketing automation software.
A few years ago, I was in the same shoes searching the industry high and low for a HIPAA compliant CRM that is user-friendly, caters to healthcare needs, and doesn’t cost an arm and a leg. And I found the solution!
VIP has a few significant advantages over Hubspot:
- Pricing (no overages or contact limits as of now)
- Focus on medical needs (lots of automations around appointments or no-shows)
- Flexible SMS communication, VoIP phone, email integrations.
- AI-powered reputation management.
And these are just to name a few. VIP is not just a HIPAA compliant CRM, it’s a full HIPAA compliant marketing automation platform designed for clinics of all sizes. You can find the table of comparison between VIP and Hubspot here.