Cloudflare supports many businesses with rigorous data security requirements, including a number of healthcare organizations. Learn how our services aligns to HIPAA compliance needs.
Cloudflare’s network and all of our products are built with data protection in mind. Cloudflare does not sell personal data we process on customers’ behalf, or use it for any purpose other than to provide our services to customers. In addition, we build trust by building and deploying products that improve the security of our systems, encrypt data at rest or in transit, and allow our customers to determine how traffic is inspected across different locations around the world.
Cloudflare encrypts data by default using the latest protocols, and offers granular control over where encryption keys are stored and where logs are sent.
Cloudflare’s network uses threat intelligence from approximately 25 million Internet properties to protect cloud, hybrid, and on-premises infrastructure from a variety of attacks.
Cloudflare for Teams lets companies enforce zero trust access and follow the principle of least privilege for all of their applications — helping prevent impermissible data uses or disclosures.
Learn how Cloudflare has helped healthcare organizations around the world improve their security posture and protect patients' personal data.
Learn about the Business Associate Agreement (BAA) Cloudflare offers, which incorporates clauses required by HIPAA about PHI protection.