Skip to content

Sensitive Data

Securely store your sensitive data in HubSpot Smart CRM and use it safely to manage your business processes.

Get a demo

  • Minimize business disruptions and protect your sensitive data with added layers of security

  • Tailor customer communication based on sensitive data such as demographics, health data, or payment history

  • Navigate data privacy regulations like GDPR and HIPAA with ease

HubSpot Video

Easy and secure. Don’t compromise on data protection.

The most successful businesses rely on data to fuel growth. But, it can be challenging to securely and effectively use sensitive customer data to power your sales, marketing, and service strategies.

Safely store and use confidential customer data in HubSpot Smart CRM and manage sensitive data compliance with ease so your team can focus on growing the business. 

  1. Fuel your growth with a unified customer, client, or patient record.

    Discover how sensitive data can unlock new growth opportunities. Get a complete understanding of your customers to give them a delightful experience with HubSpot’s Smart CRM. Whether you’re segmenting audiences for a targeted marketing campaign, qualifying customers for upsell opportunities, or offering personalized post-sale service, HubSpot helps you safely use sensitive data to power your go-to-market strategies.

  2. Keep up with data privacy regulations.

    HubSpot makes it easy for your business to safely store personal information (PI), personal identifiable information (PII), and protected health information (PHI), as well as operate in compliance with regulations like GDPR or HIPAA. From built-in security features like comprehensive audit logging to a business associate agreement (BAA), HubSpot gives you the tools to support your regulatory needs.

  3. Protect your data from breaches and bad actors.

    Don’t let your data fall into the wrong hands. Help prevent business disruptions by using HubSpot’s sensitive data features that protect confidential customer data with an extra layer of platform encryption. HubSpot also makes it easy to monitor your security health and follow sensitive data security best practices. Make sure only authorized users have access to your sensitive data through advanced authentication features, inactive session timeouts, and proactive security recommendations.

Have questions? Give us a call and we'll walk you through it.

+1 857-829-5060

  • From personalized nurture campaigns to innovative marketing strategies, this feature unlocks endless possibilities for healthcare manufacturers. The healthcare industry needed a simple yet secure solution for storing sensitive data, and HubSpot is stepping in to fill that gap.

    Jan Beery

    President Global Life Sciences

    Atypical

    Atypical life sciences logo

  • Transitioning to sensitive data properties in HubSpot was easy! The feature is intuitive and integrated seamlessly into HubSpot's Smart CRM, allowing us a smooth transition and minimal disruption to our existing process.

    Kyle Kadash

    Senior Manager, Operations

    Lingraphica

    Lingraphica logo

  • The ability to tailor communications based on patient prescription state has revolutionized our approach. We're excited to see how HubSpot's Sensitive Data continues to enhance our customer experience and performance metrics.

    Livia Alcantara

    Senior Manager, Brand Marketing

    Currax Pharmaceuticals LLC

    Currax Pharmaceuticals LLC logo

    Related Resources

    If you’re interested in storing sensitive data, these related resources may also help.

    Frequently Asked Questions

    Sensitive data is confidential personal information that requires special protection to keep it safe and out of reach from all outsiders who don’t have permission to access it.

    Examples of sensitive data that can be stored in HubSpot:

    • Demographic data (such as ethnicity, gender, age)
    • Citizenship
    • Immigration status
    • Some government-issued identifications
    • The last four digits of bank account numbers
    • Salary data
    • Health data, (including Protected Health Information subject to HIPAA (i.e., health data from covered entities and business associates)
    Please refer to our Sensitive Data Terms for a full list of the types of data that can be stored within sensitive data properties.

    If you turn on sensitive data, the sensitive properties that you create will not be used to train HubSpot’s AI models. However, other customer data within your portal may be used to train HubSpot’s AI models. You may opt-out of having your customer data used for machine learning by emailing privacy@hubspot.com. For more information, please review HubSpot’s Terms of Service and HubSpot’s Privacy Policy.

    When using HubSpot’s AI products, do not share any sensitive data in your prompts. HubSpot’s AI products are not part of our sensitive data features, and sensitive data should not be input into these tools as a prompt. Certain AI products may process sensitive data, which you may not have intended to include when generating results based on the prompt entered. These tools include:

    For more information on using the sensitive data features, please review the knowledge base article.

    HubSpot provides privacy and security protections that enable our customers to operate our products in compliance with HIPAA. These include security features like comprehensive audit logging, advanced authentication features, inactive session timeout, account security recommendations, application level per tenant encryption, and more. Please refer to our Trust Center for resources on storing sensitive data to ensure that you use our products and services in a way that supports your HIPAA obligations.

    The HubSpot BAA is included by reference in the Sensitive Data Terms for our Covered Entity and Business Associate customers storing protected health information in their account.

    Sensitive data is supported within the following features: CRM object properties (including manual update, import, export, and properties API), CRM activities, CRM objects API, list creation, workflows, search, reporting, integrations, forms and form submissions authenticated API, and lastly, CRM attachments added to records manually, or via notes, email, forms, or sensitive file properties.

    Note that HIPAA data is supported in the features above, except the Snowflake data share integration.

    Adding sensitive properties is limited to certain objects within HubSpot. These objects include contacts, companies, deals, tickets, and custom objects. Please refer to our Sensitive Data Terms for a full list of features that work with sensitive data properties.

    By default, data stored in HubSpot is encrypted in transit with TLS 1.2 or 1.3 and at rest using AES-256.

    For sensitive data, we added application layer encryption also using AES-256, with unique encryption keys for each customer. For more information on the security of these features, please review the HubSpot Trust Center

    Super admins can set up field-level permissions to restrict view and edit access for the property to specific users and teams. HubSpot strongly recommends that you set up this kind of permissioning to ensure that sensitive data can only be seen or modified by select users. Additionally, HubSpot recommends that you perform user access reviews to understand which users within your portal have super admin access. Users with super admin access can view and edit sensitive data properties. For more information on using the sensitive data features, please review the knowledge base article.