Business Associate Addendum Restrictions

This article provides guidance about the Salesforce HIPAA Business Associate Addendum (“BAA”)¹ that Salesforce offers Customers for the HIPAA Covered Services (as defined below). For Customer’s use of a HIPAA Covered Service to be covered by the BAA: (1) Customer and Salesforce must sign a BAA that includes the HIPAA Covered Service; and (2) Customer must comply with the terms of the BAA and this article, to the extent applicable. In the event of a conflict between the BAA and this article², the terms of the BAA govern.

When submitting PHI to, or using PHI with, any of the HIPAA Covered Services, Customer must ensure that the submission of PHI to, or use of PHI with, those HIPAA Covered Services is consistent with Salesforce’s (1) Acceptable Use and External Facing Services Policy; and (2) Artificial Intelligence Acceptable Use Policy (to the extent applicable), each at https://www.salesforce.com/company/legal/agreements.

Customer is responsibile for ensurging the secure transmission of PHI data to and from the HIPAA Covered Services.

Customer must encrypt all PHI: (1) transmitted using the HIPAA Covered Services; and (2) to the extent within Customer’s control, stored in the HIPAA Covered Services. That encryption must be consistent with the Secretary of HHS’s Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals, available at https://www.hhs.gov/hipaa/for-professionals/breach-notification/guidance/index.html, as it may be updated from time to time, and as may be made available on any successor or related site designated by HHS.

The B2C Commerce Covered Services extend Salesforce-maintained cryptography libraries that enable Customer to encrypt, sign, and generate cryptographically strong tokens and secure random identifiers. Customer must implement cryptography whenever Customer stores, processes, or transmits PHI.

Notwithstanding the foregoing, Commerce Cloud Einstein (including services formerly branded by Demandware as Predictive Email) is not covered by the BAA.

To the extent Customer uses PHI obtained from a third-party or external data source in conjunction with Digital Process Automation, Customer is responsible for ensuring its acquisition and use thereof meets HIPAA requirements.

The Einstein Services are not intended to be used, and Customer may not use the Einstein Services: (1) as a substitute for professional medical or healthcare advice, diagnosis, or treatment; (2) as a medical device, software, or software function for the direct diagnosis of, or in the direct mitigation, treatment, or prevention of, a disease or other condition; or (3) to infer, predict or interpret an individual's medical or health diagnosis, condition, status, program eligibility, or outcome.

With respect to Einstein Bots, Customer may not: (a) submit PHI to, or use PHI in, any utterance records; or (b) enable any Answer Automation or Input Recommender features or functionality of Einstein Bots that could result in the submission or use of PHI therein.

With respect to Einstein GPT for Commerce, Einstein GPT for Sales, and Einstein GPT for Service, Customer is responsible for ensuring that its use of any third-party Large Language Model (LLM) service provider in conjunction with those Services meets HIPAA requirements.

With respect to Agentforce (formerly Einstein Copilot) and Prompt Builder and to the extent within Customer’s control, Customer must enable, maintain, and use Data Masking in the Einstein Trust Layer configuration for Customer’s HIPAA Covered Services.

If Customer elects to configure a network connection that terminates outside of the Salesforce Government Cloud Plus environment, Salesforce assumes no responsibility to protect the Customer-configured connection. If Customer configures PHI to be transmitted over a Customer initiated connection, the Customer is responsible for ensuring the connection uses TLS encryption.

The following restrictions apply to the relevant Heroku Services:

• Shield Private Spaces: PHI must only be handled inside Shield Private Spaces. Standard Private Spaces and the Common Runtime are not covered by the BAA.
• Shield Private Dynos: PHI must only be transmitted to and from, and processed by, Shield Private Dynos running inside a Shield Private Space. No other dyno types are covered under the BAA.
• Shield Private Postgres: PHI must only be transmitted to and from, or stored in, Shield Private Postgres Databases running inside a Shield Private Space. No other Heroku Postgres plans are covered under the BAA.
• Shield Connect: PHI must only be transmitted and processed by Shield Private Postgres running inside a Shield Private Space connected to a Salesforce organization with a valid and signed BAA.
• Apache Kafka on Heroku Shield: PHI must only be transmitted to and from, or stored in, Apache Kafka on Heroku Shield data services running inside a Shield Private Space. No other Apache Kafka on Heroku plans are covered under the BAA.
• Heroku Shield Redis: PHI must only be transmitted to and from, or stored in, Heroku Shield Redis data services running inside a Shield Private Space. No other Heroku Redis plans are covered under the BAA.

In a Private Space, Heroku applications are able to communicate with each other over the local dyno network. If Customer transmits PHI over the local dyno network in a Private Space, Customer must encrypt the PHI in transit.

PHI may be stored, processed, and transmitted within Apache Kafka running in a Shield Private Space with two exclusions: Customer may not use PHI as or in any: (1) Topic Name, or (2) Access Control List (ACL).

To the extent Customer includes PHI in its log data, Customer must explicitly enable the Private Space Logging or use equivalent encryption functionality for all log data. Logging in a Shield Private Space can be configured in two ways: Private Space Logging or standard app-level logging. If Customer has not enabled Private Space Logging, Customer must use Shield Private Space standard app-level logging.

• Private Space Logging. If Private Space Logging is enabled on a Shield Private Space, then Customer may transmit PHI in the log stream. It is Customer’s responsibility to ensure that such transmissions and subsequent handling of PHI by the receiving log capture service meet HIPAA requirements.
• Standard app-level logging. If a Shield Private Space uses standard app-level logging, then Customer must not transmit PHI in the log stream. It is Customer’s responsibility to ensure that PHI does not enter the log stream by ensuring that:
  • PHI is not inadvertently logged by a Postgres database. Customer may turn off logging for Customer’s Postgres database by using the --block-logs option when creating the database.
  • PHI is not included in the URL or query string submitted to web processes and logged by the Heroku router.
  • PHI is not printed to stdout by the application process.
• Customer can check if Private Space Logging is enabled for a space with the CLI command:
  • $ heroku drains:get --space acme-space.
  • https://drain.example.com (d.1234abcd-edf8-4321-1234-bf34c9cbda77).

The following restrictions apply to the relevant Intelligence service:

• Intelligence: Customer must encrypt PHI whenever Customer stores, processes, or transmits PHI. Customer must not use R_Script functions within calculations with respect to data containing PHI. When creating a custom visualization of the data canvas and/or writing custom code, Customer must ensure that all external resources are HTTPS-based.

Unsecured connections such as HTTP must not be used. When using email to transmit PHI to Intelligence, the email provider must support and use encryption. 

PHI must not be transmitted to Intelligence with FTP or with the “control+shift” connector. Connectors downloaded from the marketplace from any vendor other than Intelligence must not be used to transmit PHI. If Customer writes its own custom connector, the connector must only transmit PHI through secure HTTPS calls. 

When using the python retrieval method, Customer must not insert any python code which contains “http” or other unsecured calls. When PHI is connected or retrieved live through direct connect to a database using a connection string, SSL must be stated.

• Intelligence and Intelligence Reports for Engagement: When PHI is transmitted from the Intelligence Services, secure HTTPS connections must be used. PHI must not be transmitted from the Intelligence Services with FTP. When using email to transmit PHI from the Intelligence Services, the email destination provider must support encryption.

Intelligent Form Reader is not intended to be used, and Customer may not use Intelligent Form Reader: (1) as a substitute for professional medical or healthcare advice, diagnosis, or treatment; (2) as a medical device, software, or software function for the direct diagnosis of, or in the direct mitigation, treatment, or prevention of, a disease or other condition; or (3) to infer, predict or interpret an individual's medical or health diagnosis, condition, status, or outcome.

Customer is responsible for ensuring that its use of Loyalty Management for healthcare-related activities meets all applicable government-sponsored health program laws and regulations.

Customer is responsible for ensuring that its use of Marketing Cloud Personalization in connection with any marketing activities that involve PHI meets HIPAA requirements. To the extent that Customer uses PHI obtained from a third-party or external data source in conjunction with Marketing Cloud Personalization, Customer is responsible for ensuring its acquisition and use thereof meets HIPAA requirements.

The Marketing Cloud Einstein features included with Marketing Cloud Growth are not covered by the BAA. Accordingly, Customer may not enable any Marketing Cloud Einstein features or functionality that could result in the submission or use of PHI therein.

The following restrictions apply to the relevant Mulesoft service:

• Anypoint Runtime Manager: PHI must only be handled inside Customer's dedicated Virtual Private Cloud. PHI should further be restricted by using CloudHub’s Dedicated Load Balancing Service where applicable. CloudHub’s non-dedicated runtime environment is not covered by the BAA.
• Anypoint Monitoring: PHI must only be handled inside Customer’s dedicated Anypoint Monitoring implementation. The dedicated Anypoint Monitoring is available to Customers under the Titanium subscription. PHI should further be restricted by using the tokenizer connector where applicable. Anypoint Monitoring non-dedicated environment is not covered by the BAA.
• Anypoint MQ: PHI must only be transmitted to and processed by encrypted queues, or payloads that were encrypted by Customer before publishing messages to Anypoint MQ. The time-to-live (TTL) should be set to the minimum value needed. Non-encrypted queues are not covered under the BAA.
• Anypoint Object Store v2: PHI must only be transmitted to and stored in Object Store v2 for the minimum amount of time necessary for the workload. This requires Customer to set the appropriate time-to-live (TTL). Object Store v2 is not designed for permanent storage.
• Anypoint Security: Anypoint Security is a set of features that can help Customers secure their PHI within the context of an application network. However, PHI must only be transmitted and processed by CloudHub runtimes running inside a CloudHub Virtual Private Cloud connected to an Anypoint Platform organization with a valid and signed BAA.

In a CloudHub Virtual Private Cloud, runtimes are able to communicate with each other internally as well as externally. If Customer’s application transmits PHI, such application must encrypt the PHI in transit. Customer must validate that PHI is encrypted in the payload and/or in the transmission.

CloudHub provides access to log data that includes deployment messages and events for each worker. CloudHub stores logs of up to 100 MB per application per worker, or for up to 30 days, whichever limit is reached first. If CloudHub Application Logs need to be archived or downloaded for audit, analytics or similar purpose on regular intervals, please use Custom Log Appender to extract logs.

If Customer uses CloudHub application logging, then Customer must not transmit PHI in the log stream. It is Customer’s responsibility to ensure that PHI does not enter the log stream by ensuring that:

1. PHI is not accidentally logged by custom configuration of logging parameters,
2. PHI is not included in the URL or query string submitted to web processes and logged by the Anypoint Platform, and
3. PHI is not printed to stdout by the application process.

Customer can transmit PHI in the log stream when using a custom log appender and sending all logs to the source of the Customer’s choosing (Splunk, ELK, etc.). It is Customer’s responsibility to ensure that such transmission and subsequent handling by the receiving log capture service meet HIPAA requirements.

If Anypoint Monitoring Logging is enabled in the dedicated option available under the Titanium subscription then Customer may transmit PHI in the log stream, or use the log tokenization connector to tokenize the logs or items in the logs. It is Customer's responsibility to ensure such transmission, and subsequent handling, meet HIPAA requirements.

Bring Your Own Telephony (BYOT)-based implementations of Service Cloud Voice must be manually configured by Customer. Customer is responsible for ensuring that its use of any third-party telephony service in conjunction with Service Cloud Voice meets HIPAA requirements.

Customer is responsible for ensuring that its use of any third-party electronic signature service in conjunction with Salesforce Contracts meets HIPAA requirements.

1. Enterprise-Level Slack Plan. Customer must purchase an enterprise-level Slack plan. (Please note that GovGrid plans are not currently eligible for BAA coverage.)

2. Advance Notice to Slack of Permitted Organizations or Workspaces or Purchase of the “Slack - HIPAA Enabled” SKU. To ensure workspaces are properly provisioned and supported, Slack must be made aware in advance of organizations or workspaces in which Customer intends to submit, collect, or use PHI.

For workspaces provisioned before March 20, 2023, Customer must have notified Slack in advance in writing (email ok) of the name and URL of each organization or workspace with which Customer intended to submit, collect, or use PHI and received confirmation in writing (email ok) that HIPAA readiness had been enabled. 

On or after March 20, 2023, Customer must purchase the “Slack - HIPAA Enabled” SKU, along with a covered enterprise plan.

Please note: For Enterprise Grid customers, Slack will enable the backend HIPAA flag for all workspaces within the designated organization, including new workspaces later created within that organization. BAA coverage will NOT automatically extend to every organization or workspace owned by a given Customer, only those appropriately designated as being HIPAA-enabled. 

By purchasing Slack, Customer has available the full capabilities of the purchased Slack services. However, if Customer or Customer’s users transmit, upload, or communicate about PHI through the Slack services, Customer must comply with the following limitations:

1. Slack Users. The Slack services are designed for work collaboration but may not be used to communicate with patients, plan members, or their families or employers. Patients, plan members, and their families or employers may not be added as users or guests to any Slack workspaces or channels.

2. PHI-Prohibited Slack Fields. Users may not include PHI in any of the following:

• File names
• Channel names 
• Canvas names
• Slack user profile data
• Custom Slack profile fields
• Custom emoji names
• Custom statuses
• Workspace or Organization name or URL domain
• Enterprise Mobility Management custom messages
• The name or handle of user groups
• Custom Platform app and workflow metadata, including app name, function name, workflow name, function code, and datastore information 

Users may include PHI in the contents of messages, files, huddles, video and audio clips, and data submitted to custom apps built by Customer to run on Slack Infrastructure. 

3. Support Requests. When initiating a support request through any means—including through a “/feedback” command in a Slack channel, through the Slack website “Contact Us” page, or through Slack’s Live Chat offering—users must not include any PHI in the support request or attach any screenshots or documents that include PHI.

4. Email Ingestion. Users that transmit or receive any PHI by email must not use Slack’s native email ingestion capabilities to forward emails into Slack.

5. Slack Connect. Slack Connect allows users from different companies to communicate and collaborate right in Slack. If Customer uses Slack Connect to communicate between two separate organizations, Customer must ensure that Customer has the appropriate permissions, where necessary, to share PHI with such recipients and that such communications comply with applicable legal requirements.

Customer must also review and appropriately inform its users regarding the Slack Guide for HIPAA Entities, as updated from time to time.  It is Customer’s responsibility to ensure that the configuration limitations included within the Slack Guide for HIPAA Entities work with Customer’s desired use of the product.

Tableau Cloud is not intended to be used, and Customer may not use Tableau Cloud: (1) as a substitute for professional medical or healthcare advice, diagnosis, or treatment; (2) as a medical device, software, or software function for the direct diagnosis of, or in the direct mitigation, treatment, or prevention of, a disease or other condition; or (3) to infer, predict, or interpret an individual's medical or health diagnosis, condition, status, program eligibility, or outcome. 

With respect to Tableau Agent and to the extent within Customer’s control, Customer must enable, maintain, and use Data Masking in the Einstein Trust Layer configuration for Customer’s HIPAA Covered Services. 

Customers may not use any Tableau Cloud “Broadcast” features or similar functionality in conjunction with Tableau Public or any other public-facing forum service, in a manner that could result in the publication or disclosure of data visualizations and/or their underlying workbooks, which may contain or be derived from PHI..

In addition, Tableau Bridge, Tableau Data Connect, and Tableau Server are not covered by the BAA.

 

The online services listed below provided to Customer by SFDC comprise the “HIPAA Covered Services”; provided, however, that the HIPAA Covered Services do not include any portion of such Services that are deployed on Customer’s premises. Unless specifically noted below, the HIPAA Covered Services include the online services when operating on Salesforce first party infrastructure, Hyperforce (formerly Salesforce Unified Cloud) infrastructure, or other public cloud infrastructure.

B2B Commerce (formerly branded as CloudCraze)

B2B2C Commerce

B2C Commerce Services³ presently branded as Commerce Cloud Digital (B2C Commerce GMV or B2C Commerce PPO)

Chatter

CRM Analytics (formerly branded as Tableau CRM)

Customer Data Cloud (also presently branded as Salesforce Data Cloud)

Customer Data Platform (formerly branded as Salesforce CDP)

Database.com

Digital Process Automation³ (including Decision Tables, Data Processing Engine, Omnistudio, Business Rules Engine, Client-Side Document Generation, and Server-Side Document Generation)

Einstein Services³ presently branded as:

• Einstein Article Recommendations;
• Einstein Bots;
• Einstein Case Classification;
• Einstein Case Wrap Up;
• Einstein Conversation Mining;
• Einstein Copilot;
• Einstein GPT for Commerce;
• Einstein GPT for Sales;
• Einstein GPT for Service;
• Einstein Prediction Builder;
• Einstein Recommendation Builder;
• Einstein Reply Recommendations; 
• Einstein Vision and Language; and
• Prompt Builder

Emergency Program Management

Employee Health Verification package (a feature of Employee Productivity)

Experience Cloud (formerly branded as Community Cloud)

Government Cloud Plus³ infrastructure environment

Headless Browser Service

Health Cloud

Heroku Services³ presently branded as:

• Heroku’s Shield Private Spaces;
• Shield Private Dynos;
• Shield Connect;
• Shield Private Postgres;
• Apache Kafka on Heroku Shield; and
• Salesforce Functions (including Salesforce Elastic Services)

Intelligence Services³ presently branded as:

• Intelligence (formerly branded as Datorama), but only when provisioned on infrastructure provided by Amazon Web Services in its capacity as an SFDC Subcontractor; and
• Intelligence Reports for Engagement (formerly branded as Datorama Reports for Marketing Cloud)

Intelligent Form Reader³, but only when used in conjunction with the HIPAA Covered Services identified herein

IoT Explorer

Life Sciences Cloud

Lightning B2B Commerce

Lightning Platform (including Force.com and Salesforce Surveys)

Loyalty Management³

Marketing Cloud Engagement (formerly branded as ExactTarget)

Marketing Cloud Personalization³ (formerly branded as Interaction Studio) (exclusive of Interaction Studio (Legacy)), but only when provisioned on infrastructure provided by Amazon Web Services in its capacity as an SFDC Subcontractor

Marketing Cloud Growth³

Messaging for In-App and Web

Mulesoft Services³ presently branded as:

• Anypoint Runtime Manager;
• Anypoint Monitoring;
• Anypoint MQ;
• Anypoint Object Store v2; and
• Anypoint Security

Nonprofit Cloud Services presently branded as:

• Nonprofit Cloud Case Management (refers to the managed package branded as Nonprofit Cloud Case Management); and
• Nonprofit Cloud for Grantmaking

Privacy Center

Quip Services presently branded as:

• Quip Starter;
• Quip Plus;
• Quip Advanced;
• Quip Virtual Private Cloud;
• Quip Mobile; and
• Quip Live App Platform

Sales Cloud

Salesforce Contracts³

Salesforce Maps Services presently branded as:

• Salesforce Maps;
• Salesforce Maps Advanced;
• Territory Planning; and
• Live Tracking

Salesforce Mobile App

Salesforce Order Management

Salesforce Payments

Salesforce Private Connect 

Salesforce Slack Integration Proxy

Service Cloud (including Field Service (formerly branded as Field Service Lightning) and Live Agent)

Service Cloud Voice³, but only when provisioned on Salesforce first party infrastructure and Hyperforce infrastructure

Site.com

Slack Enterprise Plans³ (excluding GovGrid plans), but only once confirmed by Slack to be HIPAA-enabled

Tableau Cloud³

Unified Messaging

Vlocity Health package