Is Supernote HIPAA-compliant?
Supernote is not currently HIPAA-compliant. Upcoming HIPAA regulatory updates are expected to take effect and will, for the first time, make encryption of ePHI at rest mandatory. In anticipation of these updates, we have terminated all existing Business Associate Agreements (BAAs) and are not accepting new BAA requests at this time.
We are actively working to meet this new standard and plan to resume HIPAA compliance support in the future. We will update this page when that milestone is reached.
Please be aware that Supernote can be used in a fully offline manner. Your device does not need to connect to our cloud at any point, and notes and files can be transferred to your computer securely via USB cable or USB drive without any data passing through Supernote's servers. If you choose to continue using Supernote in offline mode, you retain full control over where your data is stored and how it is transferred. However, please note that operating offline does not by itself constitute HIPAA compliance. You remain responsible for ensuring that any ePHI stored on your device is managed in accordance with HIPAA's requirements, including appropriate physical safeguards for the device itself.