Will Mulesoft sign a Business Associate Agreement per HIPAA requirements?

We're considering using dataloader to upload data that may include protected health information into Salesforce and I need to find out if Mulesoft will sign a Business Associate Agreement before we use their product. Thanks.

1 comment

Date Votes
Anton Kravchenko
Hi John,

Thank you for your interest in dataloader.io. It is built on CloudHub, our integration platform as a service. We take security very seriously across all our cloud services, and aim to lead the market in certifications, policies, architecture and response.

In regards to HIPAA, MuleSoft is not subject to HIPAA regulations, as we do not directly handle personal health information. HIPAA is only applicable to covered entities. 

We are, however, certified under HiTrust. If you aren't familiar with HiTrust, it is a common security framework designed to simplify compliance with technical controls derived from HIPAA/HITECH. HiTrust is a very extensive security framework, that many companies are pursuing because it incorporates other standards and provides clear, actionable guidelines.

We are also a level 1 PCI service provider and and are SSAE16 certified.

You can see more about our approach to security at our Trust Center.

Let us know if there are additional questions or concerns.

dataloader Team

Please sign in to leave a comment.