![knack-cx-logo-service-hub 1.png]](https://learn.knack.com/hs-fs/hubfs/knack-cx-logo-service-hub%201.png?width=419&height=40&name=knack-cx-logo-service-hub%201.png){kind=logo}
Flows for HIPAA / GovCloud customers
This article covers how Flows execute within HIPAA/GovCloud environments, data handling boundaries, and compliance requirements when using external connectors.
Important Compliance Notice for HIPAA & GovCloud Accounts
Flows built entirely with Knack triggers and actions (i.e., using the Knack connector) are executed and contained within your secure HIPAA / GovCloud environment.
However, if your flows include third-party triggers or actions (e.g., Gmail, Outlook, Slack, QuickBooks, etc.), those external systems operate outside Knack’s controlled environment. You are responsible for ensuring that any third-party integrations you use are covered by your own HIPAA-compliant agreements or Business Associate Agreements (BAAs) with those providers.
Knack does not extend its HIPAA or GovCloud compliance guarantees to third-party systems or data transmitted to them.