HIPAA Compliance

Learn how to protect private health information and ensure your organization and Appcues account are compliant with HIPAA regulations.

Written by Sean Edwards

Updated at June 20th, 2024

What is HIPAA?

HIPAA is the Health Insurance Portability and Accountability Act, a United States law that regulates the sharing of Protected Health Information (PHI). More information about HIPAA and privacy can be found on the HHS.gov website.

What is unique about a HIPAA-compliant Appcues account?

Standard Appcues accounts are configured to keep data secure and confidential. However, to properly safeguard any PHI sent to Appcues, your analytics data will be stored in a database specifically certified for HIPAA compliance (by default, all non-analytics data is stored in a HIPAA-compliant way). In addition, legal agreements must be signed that clearly state Appcues' and the customer's responsibilities to maintain HIPAA compliance.

How do I enable my account for HIPAA compliance?

Please follow these steps: 

  1. HIPAA compliance starts on the Appcues Enterprise plan levels; contact sales@appcues.com to discuss adding HIPAA compliance to your account. You will need your Appcues account ID. As part of this step, they will provide documents for you to review and sign.
  2. To protect your data, you must implement Identity Verification and review and adopt any relevant security features described in the Shared Responsibility Model for Security and Privacy.
  3. You will need to sign the agreements provided by Appcues, including the Appcues Business Associate Agreement (BAA) and the Appcues Business Associate Addendum. If you have a preferred BAA, Appcues can sign it, but even in that case you must also sign the Appcues Business Associate Addendum.
  4. Once steps 1-3 are complete, the Appcues team can configure your account to be HIPAA compliant.
  5. Once configured, Appcues will sign and return your BAA, signaling that your account is fully HIPAA compliant to process PHI.

What is the Appcues Business Associate Addendum?

Under HIPAA regulations, SaaS providers such as Appcues are considered business associates. The Business Associate Addendum is an Appcues contract that is required by Appcues to ensure that Appcues can appropriately safeguard protected health information (PHI). The Addendum also clarifies and limits, as appropriate, the permissible uses and disclosures of PHI by Appcues, based on the relationship between Appcues and our customers and the activities or services being performed by Appcues.

More Information

Appcues has a comprehensive security program that is documented in our Trust Center. You can find the answers to many common HIPAA questions in our Trust Center FAQ.


Related Articles

  • Identity Verification
  • Shared Responsibility Model for Security and Privacy