The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that establishes data privacy and security requirements for organizations that are charged with safeguarding individuals' protected health information (PHI). These organizations meet the definition of “covered entities” or “business associates” under HIPAA.
Customers that are subject to HIPAA and want to utilize any Google Cloud products in connection with PHI must review and accept Google's Business Associate Agreement (BAA). Google ensures that the Google products covered under the BAA meet the requirements under HIPAA and align with our ISO/IEC 27001, 27017, and 27018 certifications and SOC 2 report.
NSPECT.IO Uses Google Cloud Platform for marketplace and other operations .The Google Cloud Platform BAA covers GCP’s entire infrastructure .