HIPAA Compliance
- Skip Ahead to
- Overview
- Enabling HIPAA
- Maintaining HIPAA Compliance
Overview
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law in the United States that requires the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge. Businesses that are subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) can use Asana to support HIPAA-compliant work management.
HIPAA compliance for Asana is governed by Asana’s Business Associate Addendum (BAA). For additional detail on HIPAA and Asana, please refer to the HIPAA Data Sheet.
If you are a part of Align Technologies, learn more about HIPAA compliance through Asana Smiles
Enabling HIPAA
Upon purchasing the HIPAA compliance option for Asana, the following steps will facilitate agreement to Asana’s Business Associate Addendum (BAA) and enable HIPAA compliance in your domain. Please note that a Super Admin must agree to Asana’s BAA in the Admin Console to activate HIPAA compliance.

From the Admin Console, navigate to the Security tab.

Navigate to “HIPAA compliance” and review the BAA + Use Requirements and Limitations.
.

Upon agreeing to the terms, please allow 24 hours for HIPAA compliance to activate across your domain..
Maintaining HIPAA Compliance
Please review Asana’s Data Sheet for guidance on maintaining HIPAA compliance in your domain.