From e1af96b67cdeeb700232c60326d20413a7464541 Mon Sep 17 00:00:00 2001 From: "Vincent (Wen Yu) Ge" Date: Mon, 8 Apr 2024 14:01:08 -0400 Subject: [PATCH 1/3] Draft for HIPPA compliance --- .../docs/advanced/security/+layout.svelte | 2 +- .../docs/advanced/security/+page.markdoc | 3 +-- .../docs/advanced/security/gdpr/+page.markdoc | 2 +- .../advanced/security/hippa/+page.markdoc | 25 ++++++++++++++----- 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/src/routes/docs/advanced/security/+layout.svelte b/src/routes/docs/advanced/security/+layout.svelte index ae384bbf86..d1d84f66cf 100644 --- a/src/routes/docs/advanced/security/+layout.svelte +++ b/src/routes/docs/advanced/security/+layout.svelte @@ -29,7 +29,7 @@ href: '/docs/advanced/security/soc2' }, { - label: 'HIPPA (Coming soon)', + label: 'HIPPA', href: '/docs/advanced/security/hippa' }, { diff --git a/src/routes/docs/advanced/security/+page.markdoc b/src/routes/docs/advanced/security/+page.markdoc index cbded4e264..6c25b3945c 100644 --- a/src/routes/docs/advanced/security/+page.markdoc +++ b/src/routes/docs/advanced/security/+page.markdoc @@ -29,9 +29,8 @@ Coming soon {% /cards_item %} {% cards_item href="/docs/advanced/security/hippa" title="HIPPA" %} -Coming soon. +Appwrite is HIPPA compliant. Learn about how Appwrite's measures to protect PHI. {% /cards_item %} - {% /cards %} # Measures {% #measures %} diff --git a/src/routes/docs/advanced/security/gdpr/+page.markdoc b/src/routes/docs/advanced/security/gdpr/+page.markdoc index e2b533d4a1..a96e93a7ef 100644 --- a/src/routes/docs/advanced/security/gdpr/+page.markdoc +++ b/src/routes/docs/advanced/security/gdpr/+page.markdoc 
@@ -9,7 +9,7 @@ GDPR is a EU regulation that concerns data privacy and security in the European By attesting that Appwrite is GDPR compliant, we have done the following: - Appwrite users will retain access to their personal information including the right to correct and to delete it. -- Impose the same rules upon the organization’s sub-processors who assist in providing Appwrite’s services as described in the Terms of Service (“ToS”). +- Impose the same rules upon the organization's sub-processors who assist in providing Appwrite's services as described in the Terms of Service (“ToS”). - Appwrite will notify users promptly about policy changes and/or data breaches. You can learn more in our [Privacy policy](https://appwrite.io/privacy) and [Cookie policy](https://appwrite.io/cookies). diff --git a/src/routes/docs/advanced/security/hippa/+page.markdoc b/src/routes/docs/advanced/security/hippa/+page.markdoc index 7bd6dec039..97062e0964 100644 --- a/src/routes/docs/advanced/security/hippa/+page.markdoc +++ b/src/routes/docs/advanced/security/hippa/+page.markdoc 
@@ -1,12 +1,25 @@ --- layout: article -title: HIPPA (Coming soon) +title: HIPPA description: Learn about Appwrite Cloud's measures to achieve HIPPA compliance. --- -HIPAA refers to the Health Insurance Portability and Accountability Act. -HIPPA protects patients' health data from being disclosed without consent or knowledge. +Appwrite is compliant with HIPPA (Health Insurance Portability and Accountability Act) regulations. +HIPPA is an important regulation that protects patients' health data from being disclosed without consent or knowledge. -Appwrite is nearing the completion of its efforts to attain HIPAA and SOC-2 compliance, underscoring our commitment to supporting and empowering developers in their creative endeavors. -Anticipate the official compliance announcement slated for Q1 of 2024. -For further details and inquiries, feel free to reach out to us at privacy@appwrite.io. +If you're building apps that handle information that is considered [PHI (Personal Health Information)](https://privacyruleandresearch.nih.gov/pr_07.asp) +for an U.S. user base, data must be stored in a HIPAA-compliant environment. + +To attain HIPAA compliance, we've taken extensive measures, ensuring that our practices align with the highest data protection standards. +We have implemented robust measures to safeguard personal information, updating our policies, procedures, and infrastructure to meet the strict requirements of HIPAA regulations. + +- A strict data backup schedule. +- An extended business continuity plan. +- Data retention rights for individuals as outlined in our [Privacy Policy](https://appwrite.io/privacy). +- Intrusion detection and penetration testing. +- Encryption of data transmitted between Appwrite and users using transport layer security (TLS) and HTTP strict Transport Security, +ensuring confidentiality both at rest and during transmission. 
+- Access to environments containing customer data is strictly controlled, +requiring authentication and authorization through multi-factor authentication (MFA). + +Appwrite safeguards personal information to the same extent it protects its own, complying with relevant privacy laws and regulations in the jurisdictions where its services are offered. \ No newline at end of file From cc0447007197151df406f2ed781d7700c9629166 Mon Sep 17 00:00:00 2001 From: "Vincent (Wen Yu) Ge" Date: Mon, 8 Apr 2024 14:03:58 -0400 Subject: [PATCH 2/3] Add HIPPA disclaimer --- src/routes/docs/advanced/security/hippa/+page.markdoc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/routes/docs/advanced/security/hippa/+page.markdoc b/src/routes/docs/advanced/security/hippa/+page.markdoc index 97062e0964..6c4c2b1486 100644 --- a/src/routes/docs/advanced/security/hippa/+page.markdoc +++ b/src/routes/docs/advanced/security/hippa/+page.markdoc @@ -22,4 +22,7 @@ ensuring confidentiality both at rest and during transmission. - Access to environments containing customer data is strictly controlled, requiring authentication and authorization through multi-factor authentication (MFA). -Appwrite safeguards personal information to the same extent it protects its own, complying with relevant privacy laws and regulations in the jurisdictions where its services are offered. \ No newline at end of file +Appwrite safeguards personal information to the same extent it protects its own, complying with relevant privacy laws and regulations in the jurisdictions where its services are offered. + +Please note that while Appwrite Cloud serves as a HIPAA-compliant platform to handle data, +it is the responsibility of developers to ensure that their application is also compliant with HIPAA regulations. \ No newline at end of file From 07832b6e8146a07f5422396b09730ca0f89838bb Mon Sep 17 00:00:00 2001 
From: "Vincent (Wen Yu) Ge" Date: Thu, 11 Apr 2024 11:42:29 -0400 Subject: [PATCH 3/3] Remove coming soon and use full term PHI --- src/routes/+page.svelte | 1 - .../announcing-appwrite-is-gdpr-compliant/+page.markdoc | 4 ++-- src/routes/docs/advanced/security/+layout.svelte | 4 ++-- src/routes/docs/advanced/security/+page.markdoc | 6 +++--- .../docs/advanced/security/{hippa => hipaa}/+page.markdoc | 8 ++++---- src/routes/docs/advanced/security/mfa/+page.markdoc | 0 6 files changed, 11 insertions(+), 12 deletions(-) rename src/routes/docs/advanced/security/{hippa => hipaa}/+page.markdoc (91%) create mode 100644 src/routes/docs/advanced/security/mfa/+page.markdoc diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte index f2fadddf69..2af4ff9714 100644 --- a/src/routes/+page.svelte +++ b/src/routes/+page.svelte @@ -350,7 +350,6 @@ />

HIPAA - Coming Soon

Protect sensitive user health data. diff --git a/src/routes/blog/post/announcing-appwrite-is-gdpr-compliant/+page.markdoc b/src/routes/blog/post/announcing-appwrite-is-gdpr-compliant/+page.markdoc index 055db9e3c9..debde71268 100644 --- a/src/routes/blog/post/announcing-appwrite-is-gdpr-compliant/+page.markdoc +++ b/src/routes/blog/post/announcing-appwrite-is-gdpr-compliant/+page.markdoc @@ -11,7 +11,7 @@ category: GDPR We have always kept strict internal policies with regard to personal data and privacy. But to be GDPR compliant, one must undertake the necessary steps and show proof. We have done this and are pleased that we are now certified with the European General Data Protection Regulation (GDPR) standards. -Appwrite developers will no longer have to navigate the complex waters of GDPR compliance – we've got you covered. We have undertaken the necessary measures to protect personal information. Our policies, procedures, and infrastructure have been updated, and we are committed to a continuous improvement cycle as time goes by. +Appwrite developers will no longer have to navigate the complex waters of GDPR compliance, we've got you covered. We have undertaken the necessary measures to protect personal information. Our policies, procedures, and infrastructure have been updated, and we are committed to a continuous improvement cycle as time goes by. If you are interested in having a data processing agreement with Appwrite, you can now find our DPA download button in our console. Click and sign it, and the agreement will be implemented. 
@@ -26,6 +26,6 @@ Here are some technical insights into how we enhance data security: As always, with Appwrite, developers can continue creating with peace of mind. Your personal data will not be mistreated. -Appwrite is also actively working towards compliance with SOC 2 standards and HIPPA, which will be announced at a later date. +Appwrite is also HIPAA compliant while actively working towards compliance with SOC 2 standards which will be announced at a later date. Further resources: [Documentation](https://appwrite.io/docs/advanced/security/gdpr), [Privacy policy](https://appwrite.io/privacy) , [Cookie policy](https://appwrite.io/cookies) diff --git a/src/routes/docs/advanced/security/+layout.svelte b/src/routes/docs/advanced/security/+layout.svelte index d1d84f66cf..dc0b19e8eb 100644 --- a/src/routes/docs/advanced/security/+layout.svelte +++ b/src/routes/docs/advanced/security/+layout.svelte @@ -29,8 +29,8 @@ href: '/docs/advanced/security/soc2' }, { - label: 'HIPPA', - href: '/docs/advanced/security/hippa' + label: 'HIPAA', + href: '/docs/advanced/security/hipaa' }, { label: 'PCI', diff --git a/src/routes/docs/advanced/security/+page.markdoc b/src/routes/docs/advanced/security/+page.markdoc index 6c25b3945c..666d82d8f0 100644 --- a/src/routes/docs/advanced/security/+page.markdoc +++ b/src/routes/docs/advanced/security/+page.markdoc 
@@ -5,7 +5,7 @@ description: Learn how Appwrite keeps your project, users, and data secure throu --- Appwrite helps you build secure apps by applying various security and compliance measures. -Appwrite is compliant with [GDPR](/docs/advanced/security/gdpr) and actively working toward [SOC 2](/docs/advanced/security/soc2) and [HIPPA](/docs/advanced/security/hippa) compliance. +Appwrite is compliant with [GDPR](/docs/advanced/security/gdpr) and [HIPAA](/docs/advanced/security/hipaa) while actively working toward [SOC 2](/docs/advanced/security/soc2) compliance. Appwrite also employs [enhanced password protection and encryption](/docs/products/auth/security), [rate limits](/docs/advanced/security/abuse-protection), [robust permission systems](/docs/advanced/platform/permissions), and [HTTPS/TLS](/docs/advanced/security/tls) to protect you and your users' data. @@ -28,8 +28,8 @@ Appwrite uses Stripe to handle payment and payment information securely. Learn a Coming soon {% /cards_item %} -{% cards_item href="/docs/advanced/security/hippa" title="HIPPA" %} -Appwrite is HIPPA compliant. Learn about how Appwrite's measures to protect PHI. +{% cards_item href="/docs/advanced/security/hipaa" title="HIPAA" %} +Appwrite is HIPAA compliant. Learn about how Appwrite's measures to protect personal health information. {% /cards_item %} {% /cards %} diff --git a/src/routes/docs/advanced/security/hippa/+page.markdoc b/src/routes/docs/advanced/security/hipaa/+page.markdoc similarity index 91% rename from src/routes/docs/advanced/security/hippa/+page.markdoc rename to src/routes/docs/advanced/security/hipaa/+page.markdoc index 6c4c2b1486..1d049c7b67 100644 --- a/src/routes/docs/advanced/security/hippa/+page.markdoc +++ b/src/routes/docs/advanced/security/hipaa/+page.markdoc 
@@ -1,11 +1,11 @@ --- layout: article -title: HIPPA -description: Learn about Appwrite Cloud's measures to achieve HIPPA compliance. +title: HIPAA +description: Learn about Appwrite Cloud's measures to achieve HIPAA compliance. --- -Appwrite is compliant with HIPPA (Health Insurance Portability and Accountability Act) regulations. -HIPPA is an important regulation that protects patients' health data from being disclosed without consent or knowledge. +Appwrite is compliant with HIPAA (Health Insurance Portability and Accountability Act) regulations. +HIPAA is an important regulation that protects patients' health data from being disclosed without consent or knowledge. If you're building apps that handle information that is considered [PHI (Personal Health Information)](https://privacyruleandresearch.nih.gov/pr_07.asp) for an U.S. user base, data must be stored in a HIPAA-compliant environment. diff --git a/src/routes/docs/advanced/security/mfa/+page.markdoc b/src/routes/docs/advanced/security/mfa/+page.markdoc new file mode 100644 index 0000000000..e69de29bb2
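
Review bot: In the new page body added by PATCH 1/3 (security/hippa/+page.markdoc), the encryption bullet claims confidentiality "both at rest and during transmission" but names only TLS and HTTP Strict Transport Security, and both protect data in transit only. Give the at-rest control its own bullet that names the mechanism, or drop "at rest" from this one. The header name is also normally written "HTTP Strict Transport Security (HSTS)". In the same hunk, "PHI (Personal Health Information)" should be "PHI (Protected Health Information)", which is the term HIPAA defines, and "for an U.S. user base" should read "for a U.S. user base".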
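
Review bot: The disclaimer added in PATCH 2/3 scopes the claim to "Appwrite Cloud", and the front-matter description says "Appwrite Cloud's measures", but the opening sentence of the same page says "Appwrite is compliant with HIPAA" without that qualifier. Use one scope throughout, so readers are not left to guess whether the statement covers anything beyond Appwrite Cloud. The file also still ends with "\ No newline at end of file" after this change; add the trailing newline.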
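
Review bot: In the blog post hunks of PATCH 3/3 (announcing-appwrite-is-gdpr-compliant/+page.markdoc), replacing the dash with a comma leaves a comma splice in "GDPR compliance, we've got you covered." Make it two sentences or use a semicolon. In the second hunk, "SOC 2 standards which will be announced at a later date" needs a comma before "which"; as written, it reads as though only some SOC 2 standards are meant.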
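
Review bot: The cards_item text in security/+page.markdoc is still ungrammatical after PATCH 3/3: "Learn about how Appwrite's measures to protect personal health information." has no verb after "how". Suggest "Learn about Appwrite's measures to protect protected health information (PHI)." This also corrects the expansion of PHI, which the commit subject says it is spelling out in full.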
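
Review bot: The rename in PATCH 3/3 from security/hippa/+page.markdoc to security/hipaa/+page.markdoc changes the public route, and nothing in the series adds a redirect. The old file existed before this series (it carried the title "HIPPA (Coming soon)" and had a nav entry at '/docs/advanced/security/hippa'), so existing links to that path will break. Add a redirect from /docs/advanced/security/hippa to /docs/advanced/security/hipaa in the same commit.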
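
Review bot: PATCH 3/3 creates src/routes/docs/advanced/security/mfa/+page.markdoc as an empty file (blob e69de29bb2), which the commit subject "Remove coming soon and use full term PHI" does not cover. As a route file it creates a blank page under /docs/advanced/security/mfa. Drop it from this commit, or add the front matter and content in a separate change.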