Health Data and Adobe Products and Services

[Last Updated: October 2025]

Adobe is expanding Healthcare Shield to provide Health Data-Ready services that accept consumer health data that may be regulated under applicable healthcare privacy laws and regulations. Customers using Adobe’s Health Data-Ready products and services may submit additional categories of consumer health data to Adobe, in addition to the current use case of submitting Protected Health Information (PHI), as regulated under the Health Insurance Portability and Accountability Act of 1995 (“HIPAA”).

Adobe recommends that customers evaluate their needs to determine which product is best for their use case. Customers interested in learning more about Adobe HIPAA-Ready Services may see here or more information.

Working with Health-Related Data

Adobe’s expansion of Healthcare Shield allows customers the option of submitting consumer health data that may not necessarily be defined as PHI.

Adobe provides customers who engage with consumer health data but are not subject to HIPAA with services that are ready to accept consumer health data, referring to these services as Health Data-Ready Services. These Health Data-Ready Services have additional features and functionalities that allow customers, dependent on each customer’s configuration and use of the Health Data-Ready Services, to comply with the appropriate privacy and security regulations. These additional features may increase the customer’s license or subscription costs.

Customers are not permitted to create, receive, maintain, or transmit consumer health data through Adobe Products and Services that are not Health Data-Ready Services because Adobe has not designed these services to support the customer and Adobe’s compliance with health data regulations.

At this time, Health Data-Ready Services are available only to U.S. based customers.

The current list of Health Data-Ready Services Include:

  • Adobe Customer Journey Analytics (excluding CJA Labs)
  • Adobe Journey Optimizer
  • Adobe Real-Time Customer Data Platform B2P (Consumer Audiences) Prime and Ultimate Editions
  • Adobe Real-Time Customer Data Platform B2C Prime and Ultimate Editions

More information about how Adobe Experience Cloud solutions can be used in healthcare and health and wellness business scenarios can be found in the Adobe Experience Cloud for Healthcare Solutions Overview.

Shared Security Responsibilities

Adobe Health Data-Ready Services rely on a shared responsibility security model, requiring the customer and Adobe to each bear distinct responsibilities for maintaining the security of consumer health data. Under this shared security model, Adobe relies on the customer to use and configure the Health Data-Ready Services consistent with applicable law and the customer’s own compliance needs.

Note: Adobe Commerce on Cloud and Adobe Commerce on Managed Services are subject to the Adobe Commerce Shared Responsibility Security Model.

Disclaimer

Customer is responsible for their use of Adobe Health Data-Ready Services and for ensuring that the Adobe Health Data-Ready Services meet their compliance requirements.