This analysis describes what Headspace's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This designation brings Headspace's handling of health information within the regulatory framework established by HIPAA, which imposes specific requirements on business associates regarding the use, disclosure, and safeguarding of protected health information on behalf of covered entities. The provision clarifies the regulatory relationship between Headspace and its Care Provider partners.
Users receiving services through US Care Providers operate under HIPAA protections applicable to business associate relationships, meaning Headspace's handling of health information is subject to HIPAA's use and disclosure restrictions and security standards. Users may receive a separate HIPAA privacy notice from their Care Provider during enrollment that supplements this policy.
How other platforms handle this
You agree not to engage in any of the following prohibited activities: (i) copying, distributing, or disclosing any part of the Service in any medium, including without limitation by any automated or non-automated 'scraping'; (ii) using any automated system, including without limitation 'robots,' 's...
When you use Microsoft services, you must comply with Microsoft's Code of Conduct. Prohibited conduct includes using the services to do anything illegal, transmitting content that is harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, or otherwise objectionable. Microsof...
You are solely responsible for the content that you post, upload, or otherwise make available through the Services. Udemy may, in its sole discretion, remove or disable access to any content that violates these Terms or that Udemy determines, in its sole discretion, is otherwise objectionable.
Monitoring
Headspace has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Our Services are delivered by our Care Providers. For Care Providers in the US, they are classified as covered entities under the Health Insurance Portability and Accountability Act ('HIPAA'). Headspace is subject to HIPAA as our Care Providers' business associate. Our Care Providers may provide you an additional privacy notice during enrollment which we encourage you to review.— Excerpt from Headspace's Headspace Privacy Policy
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This designation brings Headspace's handling of health information within the regulatory framework established by HIPAA, which imposes specific requirements on business associates regarding the use, disclosure, and safeguarding of protected health information on behalf of covered entities. The provision clarifies the regulatory relationship between Headspace and its Care Provider partners.
Users receiving services through US Care Providers operate under HIPAA protections applicable to business associate relationships, meaning Headspace's handling of health information is subject to HIPAA's use and disclosure restrictions and security standards. Users may receive a separate HIPAA privacy notice from their Care Provider during enrollment that supplements this policy.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Headspace.