Business Associate Addendum Restrictions
This article provides guidance about the Salesforce HIPAA Business Associate Addendum (“BAA”) that Salesforce offers Customers for the HIPAA Covered Services (as defined below). For Customer’s use of a HIPAA Covered Service to be covered by the BAA: (1) Customer and Salesforce must sign a BAA that includes the HIPAA Covered Service; and (2) Customer must comply with the terms of the BAA and this article, to the extent applicable. In the event of a conflict between the BAA and this article, the terms of the BAA govern.
Use of PHI with HIPAA Covered Services
Encryption
Customer is responsible for ensuring the secure transmission of PHI data to and from the HIPAA Covered Services.
Customer must encrypt all PHI: (1) transmitted using the HIPAA Covered Services; and (2) to the extent within Customer’s control, stored in the HIPAA Covered Services. That encryption must be consistent with the Secretary of HHS’s Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals, available at https://www.hhs.gov/hipaa/for-professionals/breach-notification/guidance/index.html, as it may be updated from time to time, and as may be made available on any successor or related site designated by HHS.
Service-Specific Restrictions
B2C Commerce Services
The B2C Commerce Covered Services extend Salesforce-maintained cryptography libraries that enable Customer to encrypt, sign, and generate cryptographically strong tokens and secure random identifiers. Customer must implement cryptography whenever Customer stores, processes, or transmits PHI.
Notwithstanding the foregoing, Commerce Cloud Einstein (including services formerly branded by Demandware as Predictive Email) is not covered by the BAA.
Digital Process Automation
Einstein Services
The Einstein Services are not intended to be used, and Customer may not use the Einstein Services: (1) as a substitute for professional medical or healthcare advice, diagnosis, or treatment; (2) as a medical device, software, or software function for the direct diagnosis of, or in the direct mitigation, treatment, or prevention of, a disease or other condition; or (3) to infer, predict or interpret an individual's medical or health diagnosis, condition, status, program eligibility, or outcome.
With respect to Einstein Bots, Customer may not: (a) submit PHI to, or use PHI in, any utterance records; or (b) enable any Answer Automation or Input Recommender features or functionality of Einstein Bots that could result in the submission or use of PHI therein.
With respect to Einstein GPT for Commerce, Einstein GPT for Sales, and Einstein GPT for Service, Customer is responsible for ensuring that its use of any third-party Large Language Model (LLM) service provider in conjunction with those Services meets HIPAA requirements.
With respect to Agentforce Services and Prompt Builder and to the extent within Customer’s control, Customer must enable, maintain, and use Data Masking in the Einstein Trust Layer configuration for Customer’s HIPAA Covered Services.
Government Cloud Plus infrastructure environment
Heroku Services
The following restrictions apply to the relevant Heroku Services:
- Shield Private Spaces: PHI must only be handled inside Shield Private Spaces. Standard Private Spaces and the Common Runtime are not covered by the BAA.
- Shield Private Dynos: PHI must only be transmitted to and from, and processed by, Shield Private Dynos running inside a Shield Private Space. No other dyno types are covered under the BAA.
- Shield Private Postgres: PHI must only be transmitted to and from, or stored in, Shield Private Postgres Databases running inside a Shield Private Space. No other Heroku Postgres plans are covered under the BAA.
- Shield Connect: PHI must only be transmitted and processed by Shield Private Postgres running inside a Shield Private Space connected to a Salesforce organization with a valid and signed BAA.
- Apache Kafka on Heroku Shield: PHI must only be transmitted to and from, or stored in, Apache Kafka on Heroku Shield data services running inside a Shield Private Space. No other Apache Kafka on Heroku plans are covered under the BAA.
- Heroku Shield Redis: PHI must only be transmitted to and from, or stored in, Heroku Shield Redis data services running inside a Shield Private Space. No other Heroku Redis plans are covered under the BAA.
In a Private Space, Heroku applications are able to communicate with each other over the local dyno network. If Customer transmits PHI over the local dyno network in a Private Space, Customer must encrypt the PHI in transit.
PHI may be stored, processed, and transmitted within Apache Kafka running in a Shield Private Space with two exclusions: Customer may not use PHI as or in any: (1) Topic Name, or (2) Access Control List (ACL).
To the extent Customer includes PHI in its log data, Customer must explicitly enable the Private Space Logging or use equivalent encryption functionality for all log data. Logging in a Shield Private Space can be configured in two ways: Private Space Logging or standard app-level logging. If Customer has not enabled Private Space Logging, Customer must use Shield Private Space standard app-level logging.
- Private Space Logging. If Private Space Logging is enabled on a Shield Private Space, then Customer may transmit PHI in the log stream. It is Customer’s responsibility to ensure that such transmissions and subsequent handling of PHI by the receiving log capture service meet HIPAA requirements.
- Standard app-level logging. If a Shield Private Space uses standard app-level logging, then Customer must not transmit PHI in the log stream. It is Customer’s responsibility to ensure that PHI does not enter the log stream by ensuring that:
- PHI is not inadvertently logged by a Postgres database. Customer may turn off logging for Customer’s Postgres database by using the --block-logs option when creating the database.
- PHI is not included in the URL or query string submitted to web processes and logged by the Heroku router.
- PHI is not printed to stdout by the application process.
Customer can check whether Private Space Logging is enabled for a space with the CLI command (sample output shown below the command):
  $ heroku drains:get --space acme-space
  https://drain.example.com (d.1234abcd-edf8-4321-1234-bf34c9cbda77)
Intelligence (formerly Datorama) Services
The following restrictions apply to the relevant Intelligence service:
Intelligence: Customer must encrypt PHI whenever Customer stores, processes, or transmits PHI. Customer must not use R_Script functions within calculations with respect to data containing PHI. When creating a custom visualization of the data canvas and/or writing custom code, Customer must ensure that all external resources are HTTPS-based.
Unsecured connections such as HTTP must not be used. When using email to transmit PHI to Intelligence, the email provider must support and use encryption.
PHI must not be transmitted to Intelligence with FTP or with the “control+shift” connector. Connectors downloaded from the marketplace from any vendor other than Intelligence must not be used to transmit PHI. If Customer writes its own custom connector, the connector must only transmit PHI through secure HTTPS calls.
When using the Python retrieval method, Customer must not insert any Python code that contains “http” or other unsecured calls. When PHI is connected or retrieved live through direct connect to a database using a connection string, the connection string must specify SSL.
Intelligence and Intelligence Reports for Engagement: When PHI is transmitted from the Intelligence Services, secure HTTPS connections must be used. PHI must not be transmitted from the Intelligence Services with FTP. When using email to transmit PHI from the Intelligence Services, the email destination provider must support encryption.
Intelligent Form Reader
Loyalty Management
Marketing Cloud Personalization
Marketing Cloud Growth
Mulesoft
The following restrictions apply to the relevant Mulesoft service:
- Anypoint Runtime Manager: PHI must only be handled inside Customer's dedicated Virtual Private Cloud. PHI should further be restricted by using CloudHub’s Dedicated Load Balancing Service where applicable. CloudHub’s non-dedicated runtime environment is not covered by the BAA.
- Anypoint Monitoring: PHI must only be handled inside Customer’s dedicated Anypoint Monitoring implementation. The dedicated Anypoint Monitoring is available to Customers under the Titanium subscription. PHI should further be restricted by using the tokenizer connector where applicable. Anypoint Monitoring non-dedicated environment is not covered by the BAA.
- Anypoint MQ: PHI must only be transmitted to and processed by encrypted queues, or payloads that were encrypted by Customer before publishing messages to Anypoint MQ. The time-to-live (TTL) should be set to the minimum value needed. Non-encrypted queues are not covered under the BAA.
- Anypoint Object Store v2: PHI must only be transmitted to and stored in Object Store v2 for the minimum amount of time necessary for the workload. This requires Customer to set the appropriate time-to-live (TTL). Object Store v2 is not designed for permanent storage.
- Anypoint Security: Anypoint Security is a set of features that can help Customers secure their PHI within the context of an application network. However, PHI must only be transmitted and processed by CloudHub runtimes running inside a CloudHub Virtual Private Cloud connected to an Anypoint Platform organization with a valid and signed BAA.
In a CloudHub Virtual Private Cloud, runtimes are able to communicate with each other internally as well as externally. If Customer’s application transmits PHI, such application must encrypt the PHI in transit. Customer must validate that PHI is encrypted in the payload and/or in the transmission.
CloudHub provides access to log data that includes deployment messages and events for each worker. CloudHub stores logs of up to 100 MB per application per worker, or for up to 30 days, whichever limit is reached first. If CloudHub Application Logs need to be archived or downloaded for audit, analytics or similar purpose on regular intervals, please use Custom Log Appender to extract logs.
If Customer uses CloudHub application logging, then Customer must not transmit PHI in the log stream. It is Customer’s responsibility to ensure that PHI does not enter the log stream by ensuring that:
- PHI is not accidentally logged by custom configuration of logging parameters,
- PHI is not included in the URL or query string submitted to web processes and logged by the Anypoint Platform, and
- PHI is not printed to stdout by the application process.
Customer can transmit PHI in the log stream when using a custom log appender and sending all logs to the source of the Customer’s choosing (Splunk, ELK, etc.). It is Customer’s responsibility to ensure that such transmission and subsequent handling by the receiving log capture service meet HIPAA requirements.
If Anypoint Monitoring Logging is enabled in the dedicated option available under the Titanium subscription, then Customer may transmit PHI in the log stream, or use the log tokenization connector to tokenize the logs or items in the logs. It is Customer's responsibility to ensure such transmission, and subsequent handling, meet HIPAA requirements.
Service Cloud Voice
Salesforce Contracts
Slack Enterprise Plans
1. Advance Notice to Slack of Permitted Organizations or Workspaces or Purchase of the “Slack - HIPAA Enabled” SKU. To ensure workspaces are properly provisioned and supported, Slack must be made aware in advance of organizations or workspaces in which Customer intends to submit, collect, or use PHI.
For workspaces provisioned before March 20, 2023, Customer must have notified Slack in advance in writing (email ok) of the name and URL of each organization or workspace with which Customer intended to submit, collect, or use PHI and received confirmation in writing (email ok) that HIPAA readiness had been enabled.
On or after March 20, 2023, Customer must purchase the “Slack - HIPAA Enabled” SKU, along with a covered enterprise plan.
Please note: For Enterprise Grid customers, Slack will enable the backend HIPAA flag for all workspaces within the designated organization, including new workspaces later created within that organization. BAA coverage will NOT automatically extend to every organization or workspace owned by a given Customer, only those appropriately designated as being HIPAA-enabled.
2. PHI-Prohibited Slack Fields. Users may not include PHI in any of the following:
- File names
- Channel names
- Canvas names
- Slack user profile data
- Custom Slack profile fields
- Custom emoji names
- Custom statuses
- Workspace or Organization name or URL domain
- Enterprise Mobility Management custom messages
- The name or handle of user groups
- Custom Platform app and workflow metadata, including app name, function name, workflow name, function code, and datastore information
Users may include PHI in the contents of messages, files, huddles, video and audio clips, and data submitted to custom apps built by Customer to run on Slack Infrastructure.
Tableau Cloud
Tableau Cloud is not intended to be used, and Customer may not use Tableau Cloud: (1) as a substitute for professional medical or healthcare advice, diagnosis, or treatment; (2) as a medical device, software, or software function for the direct diagnosis of, or in the direct mitigation, treatment, or prevention of, a disease or other condition; or (3) to infer, predict, or interpret an individual's medical or health diagnosis, condition, status, program eligibility, or outcome.
With respect to Tableau Agent and to the extent within Customer’s control, Customer must enable, maintain, and use Data Masking in the Einstein Trust Layer configuration for Customer’s HIPAA Covered Services.
Customers may not use any Tableau Cloud “Broadcast” features or similar functionality in conjunction with Tableau Public or any other public-facing forum service in a manner that could result in the publication or disclosure of data visualizations and/or their underlying workbooks, which may contain or be derived from PHI.
In addition, Tableau Bridge, Tableau Data Connect, and Tableau Server are not covered by the BAA.
HIPAA Covered Services
The online services listed below provided to Customer by SFDC comprise the “HIPAA Covered Services”; provided, however, that the HIPAA Covered Services do not include any portion of such Services that are deployed on Customer’s premises. Unless specifically noted below, the HIPAA Covered Services include the online services when operating on Salesforce first party infrastructure, Hyperforce (formerly Salesforce Unified Cloud) infrastructure, or other public cloud infrastructure.
B2B Commerce (formerly branded as CloudCraze)
B2B2C Commerce
B2C Commerce Services³ presently branded as Commerce Cloud Digital (B2C Commerce GMV or B2C Commerce PPO)
Chatter
CRM Analytics (formerly branded as Tableau CRM)
Customer Data Cloud (also presently branded as Salesforce Data Cloud)
Customer Data Platform (formerly branded as Salesforce CDP)
Database.com
Digital Process Automation³ (including Decision Tables, Data Processing Engine, Omnistudio, Business Rules Engine, Client-Side Document Generation, and Server-Side Document Generation)
Einstein Services³ presently branded as:
- Agentforce Assistant (formerly known as Einstein Copilot);
- Agentforce Sales Coach;
- Agentforce SDR;
- Agentforce Service Agent;
- Einstein Article Recommendations;
- Einstein Bots;
- Einstein Case Classification;
- Einstein Case Wrap Up;
- Einstein Conversation Mining;
- Einstein GPT for Commerce;
- Einstein GPT for Sales;
- Einstein GPT for Service;
- Einstein Prediction Builder;
- Einstein Recommendation Builder;
- Einstein Reply Recommendations;
- Einstein Vision and Language; and
- Prompt Builder
Emergency Program Management
Employee Health Verification package (a feature of Employee Productivity)
Experience Cloud (formerly branded as Community Cloud)
Government Cloud Plus³ infrastructure environment
Headless Browser Service
Health Cloud
Heroku Services³ presently branded as:
- Heroku’s Shield Private Spaces;
- Shield Private Dynos;
- Shield Connect;
- Shield Private Postgres;
- Apache Kafka on Heroku Shield; and
- Salesforce Functions (including Salesforce Elastic Services)
Intelligence Services³ presently branded as:
- Intelligence (formerly branded as Datorama), but only when provisioned on infrastructure provided by Amazon Web Services in its capacity as an SFDC Subcontractor; and
- Intelligence Reports for Engagement (formerly branded as Datorama Reports for Marketing Cloud)
Intelligent Form Reader³, but only when used in conjunction with the HIPAA Covered Services identified herein
IoT Explorer
Life Sciences Cloud
Lightning B2B Commerce
Lightning Platform (including Force.com and Salesforce Surveys)
Loyalty Management³
Marketing Cloud Engagement (formerly branded as ExactTarget)
Marketing Cloud Personalization³ (formerly branded as Interaction Studio) (exclusive of Interaction Studio (Legacy)), but only when provisioned on infrastructure provided by Amazon Web Services in its capacity as an SFDC Subcontractor
Marketing Cloud Growth³
Messaging for In-App and Web
Mulesoft Services³ presently branded as:
- Anypoint Runtime Manager;
- Anypoint Monitoring;
- Anypoint MQ;
- Anypoint Object Store v2; and
- Anypoint Security
Nonprofit Cloud Services presently branded as:
- Nonprofit Cloud Case Management (refers to the managed package branded as Nonprofit Cloud Case Management); and
- Nonprofit Cloud for Grantmaking
Privacy Center
Quip Services presently branded as:
- Quip Starter;
- Quip Plus;
- Quip Advanced;
- Quip Virtual Private Cloud;
- Quip Mobile; and
- Quip Live App Platform
Sales Cloud
Salesforce Contracts³
Salesforce Maps Services presently branded as:
- Salesforce Maps;
- Salesforce Maps Advanced;
- Territory Planning; and
- Live Tracking
Salesforce Mobile App
Salesforce Order Management
Salesforce Payments
Salesforce Private Connect
Salesforce Slack Integration Proxy
Service Cloud (including Field Service (formerly branded as Field Service Lightning) and Live Agent)
Service Cloud Voice³, but only when provisioned on Salesforce first party infrastructure and Hyperforce infrastructure
Site.com
Slack Enterprise Plans³ (excluding GovGrid plans), but only once confirmed by Slack to be HIPAA-enabled
Tableau Cloud³
Unified Messaging
Vlocity Health package
¹ References to the BAA are deemed to include any prior BAA Amendment entered into by Customer, unless such BAA Amendment has been superseded or replaced.
² This article supersedes and replaces any prior BAA restrictions article(s) to which Customer’s use of any HIPAA Covered Services was subject.
³ See Service-Specific Restrictions.