Questions? Talk to a Real Person via our Live Chat
Can WordPress Be HIPAA Compliant in 2026? Security Plugins, Hosting, and What Actually Works
By Monica Dircio, , HIPAA Blog, HIPAA WordPress, Resources

Can WordPress Be HIPAA Compliant in 2026? Security Plugins, Hosting, and What Actually Works

The short answer: Yes — WordPress can support a HIPAA-compliant website. But WordPress itself is not HIPAA compliant out of the box, and neither are security plugins like Wordfence, Sucuri, Patchstack, or Solid Security. Installing a plugin is not enough. HIPAA compliance requires a HIPAA-compliant hosting environment with a signed Business Associate Agreement (BAA), encryption... Continue reading
What Does “HIPAA Certified” Mean? The Truth About HIPAA Certification
By Gil Vidals, , HIPAA Blog, HIPAA Compliance, Resources

What Does “HIPAA Certified” Mean? The Truth About HIPAA Certification

The short answer: There is no official government-issued “HIPAA certification.” The U.S. Department of Health and Human Services (HHS) does not offer, endorse, or recognize any HIPAA certification program. When a vendor, software provider, or service claims to be “HIPAA certified,” that certification comes from a private third-party organization — not from HHS or any... Continue reading
Is ChatGPT HIPAA Compliant? The HIPAA Compliant Version of ChatGPT Explained
By Monica Dircio, , Artificial Intelligence, HIPAA Blog, Resources

Is ChatGPT HIPAA Compliant? The HIPAA Compliant Version of ChatGPT Explained

Note: AI platform availability, HIPAA eligibility, and BAA offerings change frequently. This article reflects vendor documentation available at time of publication. Always verify current BAA eligibility directly with the vendor before transmitting PHI. The short answer: Free ChatGPT is not HIPAA compliant — and neither is ChatGPT Plus. OpenAI currently offers HIPAA-supporting deployments for qualifying... Continue reading
HIPAA Compliant Fax: What Healthcare Providers Need to Know in 2026
By Alicia Kelley, , HIPAA Blog, HIPAA Fax, Resources

HIPAA Compliant Fax: What Healthcare Providers Need to Know in 2026

Faxing can be HIPAA compliant — but only when done through a secure cloud fax service that signs a Business Associate Agreement (BAA) and encrypts transmissions. Traditional analog fax machines, consumer internet fax services, and free online fax tools are not HIPAA compliant. Using a non-compliant fax method to transmit protected health information (PHI) is... Continue reading
HIPAA Compliant Email Providers: The Complete 2026 Guide
By Josh Vidals, , HIPAA Blog, HIPAA Email, Resources

HIPAA Compliant Email Providers: The Complete 2026 Guide

Gmail (through Google Workspace Business Plus or higher), Outlook (through Microsoft 365 Business with the right licenses), and several other enterprise email platforms can be made HIPAA compliant — but only with a signed Business Associate Agreement (BAA) and proper configuration. Free Gmail, free Outlook.com, and consumer email accounts of any kind are not HIPAA... Continue reading