Is Grammarly HIPAA Compliant?
Grammarly is HIPAA compliant and can be used with other compliant content creation tools to write, share, and send content that contains Protected Health Information – provided covered entities subscribe to a Business Enterprise plan with a minimum of 100 seats. Unfortunately, this is the only subscription option for which Grammarly will enter into a Business Associate Agreement.
Grammarly is an AI typing assistant that can be used with most desktop and mobile apps, browsers, and websites to write, share, and send error-free content. Depending on the subscription, Grammarly can also be used to generate content, summarize content, apply a consistent style/tone to content, and check for plagiarism. Due to its capabilities, Grammarly can greatly reduce the time it takes to get writing tasks completed and increase productivity.
Using Grammarly in Healthcare Environments
In healthcare environments, Grammarly can be used to help write emails, reports, and other medical documents – ensuring that potentially complex communications can be understood by patients, colleagues, and other stakeholders in the patients’ care. It can also be used to write clear and consistent policies, Notices of Privacy Practices, and patient instructions. Other uses include creating content for training courses, website blogs, and marketing materials.
Grammarly can also be integrated into some Electronic Medical Records. Where possible, this can be particularly beneficial in healthcare environments that employ members of the workforce whose native language is not English, as the software’s capabilities can help reduce errors, improve clarity, and maintain consistency. This has the secondary benefit of making it easier for other members of the workforce to understand patient histories and treatment plans.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Is Grammarly HIPAA Compliant?
When a member of a healthcare organization’s workforce uses Grammarly to help write content, Grammarly needs access to the content in order to correct spelling mistakes, suggest grammatical changes, summarize content, etc. If the content includes Protected Health Information, Grammarly becomes a business associate of the healthcare organization and – as a business associate – is required to comply with all applicable HIPAA standards.
Grammarly is HIPAA compliant inasmuch as the only information stored on its servers are users’ account information and analytics data (i.e., interactions with Grammarly suggestions). Content is transmitted to and from its servers via an encrypted WebSocket connection, but it cannot be viewed or saved by Grammarly without approval. At user level, the administration portal allows healthcare organizations to control user access to the software and assign roles and permissions.
Grammarly has been independently assessed as being HIPAA compliant and has a host of other compliance and security certifications. However, in order to make Grammarly HIPAA compliant, it is necessary to enter into a Business Associate Agreement with Grammarly. Unfortunately, at present, this means subscribing to a Business Enterprise plan with a minimum of 100 seats. For many healthcare organizations, this requirement to make Grammarly HIPAA compliant will be a deal breaker.
Conclusion
At the free entry level, Grammarly is a more advanced version of the spellcheckers and grammar correctors that exist in Microsoft Outlook and Google Workspace. At the Business level, Grammarly has a wide range of capabilities that that can help accelerate writing tasks, increase productivity, and support collaboration. However, the cost of subscribing to the (unpriced) Business Enterprise plan to make Grammarly HIPAA compliant is likely to deter many healthcare organizations from taking advantage of the software’s capabilities.
In theory, healthcare organizations can still use Grammarly without a Business Associate Agreement, but this will mean it will not be possible to use Grammarly with Protected Health Information without violating HIPAA. Policing members of the workforce to refrain from disclosing Protected Health Information to Grammarly – or to disable Grammarly when writing content containing Protected Health Information – might consume more time than Grammarly saves. Therefore, healthcare organizations may need to think carefully about whether any subscription to Grammarly is a worthwhile investment.
