Hey, I hope you’re all doing well. I’m working on a product that needs to be HIPAA-compliant. I’m using Auth0 for authentication, and we’ll only store the user’s email and password, no patient metadata.
I’m a bit confused about Auth0’s HIPAA support. Is Auth0 HIPAA-compliant?
If yes, how can we obtain a BAA with Auth0? I currently have a free account and couldn’t find an option for this.
Do I need to upgrade my plan to access a BAA?