Copy link to clipboard
Copied
Hi,
My question is whether Adobe Embed API is HIPAA compliance or not?
Thanks,
Hello @SahandSoltanieh ! Adobe Embed API is not HIPAA compliant currently. Please also note, the Developers may not use Document Cloud Services SDK to collect, process, or store sensitive personal data such as protected health information under HIPAA, children’s personal information under COPPA, and other similar information as described in our General Terms
Thanks!
Copy link to clipboard
Copied
Hello @SahandSoltanieh ! Adobe Embed API is not HIPAA compliant currently. Please also note, the Developers may not use Document Cloud Services SDK to collect, process, or store sensitive personal data such as protected health information under HIPAA, children’s personal information under COPPA, and other similar information as described in our General Terms
Thanks!
Copy link to clipboard
Copied
Thanks for the quick response. Great API, hopefully it'll become HIPAA compliant as well one day.
Copy link to clipboard
Copied
What information is sent to Adobe by the embed API? My understanding was that the Adobe's embed viewer is a local application (similar to Adobe Reader) for viewing PDFs in a browser. Are there certain features of the embed API that transmit data? Additional details would be appreciated!
Copy link to clipboard
Copied
Given how the API works, I assume PDF files will be uploaded to Adobe cloud storages in order to be parsed, and then they would be served directly through their servers rather than yours. But I'm not quite sure, I would love to know more about this as well.
Copy link to clipboard
Copied
I found this in the FAQ (https://community.adobe.com/t5/document-services-apis-discussions/faq-for-document-services-pdf-embe...)
When Adobe Analytics is not enabled by the SuiteID and no other events are enabled, does Adobe collect any data about the PDF being viewed.
Copy link to clipboard
Copied
Also found this conflicting information in the Aug release notes: With this patch release, PDF Embed API now no longer gathers anonymous usage data to measure performance. This was earlier collected using Adobe Analytics.
Copy link to clipboard
Copied
Sorry for the confusion. PDF Embed API gathers only essential anonymous data to gain insights on product usage. Earlier, this was done using Adobe Analytics but we no longer use Adobe Analytics to collect this data.
For more details, please have a look at the documentation.
Copy link to clipboard
Copied
Hi Sumona,
Thank you for this answer. As PDF Embed API does not send the actual pdf to the Adobe server or any other server ad only work on it at local machine, we do not worry about BAA or HIPAA , is that statement correct ? We are a medical healthcare company looking to integrate the embed PDF platform into our product.
Thank you
Paul