Sharepoint and HIPAA

Amy Espinosa 21 Reputation points

I am in a medical practice and we want to use Sharepoint drive to communicate patient information / hand-offs. Several members of the team do not have O365 accounts. If we share with them as external users and have PHI in the drive is this HIPAA compliant?

A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,214 questions
0 comments No comments
{count} votes

Accepted answer
  1. Elsie Lu_MSFT 9,751 Reputation points

    Hi @Amy Espinosa , welcome to Q&A forum!

    If the users don’t have O365 accounts and want to access the content in the SharePoint Online site, yes we can use external sharing. And the content of SPO are all stored in the servers of Microsoft which cannot be accessed by external factors, so usually the driver on your servers will not affect SPO.

    In addition, SPO is also very cautious about the permission level. You can give external users the permission level you want.

    For more information about how to use external sharing you could refer to:
    External sharing overview

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

0 additional answers

Sort by: Most helpful