Store Sensitive Data in HubSpot
Last updated: February 4, 2025
Available with any of the following subscriptions, except where noted:
Marketing Hub Enterprise |
Sales Hub Enterprise |
Service Hub Enterprise |
Operations Hub Enterprise |
Content Hub Enterprise |
To store sensitive information in your HubSpot account, users with Super Admin permissions can turn on the Sensitive Data setting. Once the setting is turned on, you can create custom properties that store Sensitive Data (e.g., personal identification, financial, health, or medical information) or Highly Sensitive Data (e.g., social security numbers).
Before you get started
Before you begin storing Sensitive Data, review the following information related to Sensitive Data functionality.
- You can only store certain types of Sensitive Data in HubSpot. Refer to the Sensitive Data terms page to understand which types of Sensitive Data and Highly Sensitive Data you can store and where these features are available.
- Sensitive Data properties are unavailable in certain tools, including personalization tokens, sandboxes, chatbots and playbooks. Highly Sensitive Data properties are restricted further. Refer to this article to learn more about how turning on Sensitive Data impacts your account and how to manage Sensitive Data in HubSpot tools.
Turn on or edit Sensitive Data settings
Prior to creating Sensitive Data properties, you'll need to turn on Sensitive Data in your Privacy & Consent settings and accept the related terms and conditions. Users must have Super Admin permissions to turn on Sensitive Data. If you’ve already turned on Sensitive Data, once you select a category of data, you cannot remove it, but you can add categories as needed.
Learn more about how turning on Sensitive Data affects your account.
Please note: once you’ve turned on Sensitive Data, it’s not possible to turn it off or remove the selected categories.
- In your HubSpot account, click the settings settings icon in the top navigation bar.
- In the left sidebar menu, navigate to Privacy & Consent.
- Click Configure sensitive data settings. If you’ve already turned on Sensitive Data, click Edit sensitive data settings to select additional data categories.
- In the right panel, select the checkboxes to specify the categories in which you’ll be storing Sensitive Data. Refer to the Sensitive Data terms to understand what types of data can be stored in the categories.
- To store HIPAA-covered data, you must select both the Health/Medical Data checkbox and the We are a HIPAA-covered entity or business associate checkbox.
Please note: while HubSpot provides a robust security program to protect your personal and sensitive data no matter the content, these data type identification processes help ensure your HIPAA and regulatory needs are supported. By identifying as a HIPAA Covered Entity or Business Associate, HubSpot can track the application of the Business Associate Agreement (BAA) and fulfill regulatory obligations.
- Click Next.
- Read the Sensitive Data Terms and if applicable, the Business Associate Agreement. Select the checkbox to accept the terms and conditions.
- Click Turn on sensitive data settings, or if you added categories, click Update sensitive data settings.
Access recommendations for storing Sensitive Data
Once you’ve turned on the setting to store Sensitive Data, you may need to take actions or update certain settings to better protect your data. To review recommendations to help you manage Sensitive Data:
- In your HubSpot account, click the settings settings icon in the top navigation bar.
- In the left sidebar menu, navigate to Privacy & Consent.
- Click Check recommendations.
- In the right panel, review recommended actions. For each recommendation, click a link to learn more or navigate to the relevant settings.
Create properties to store Sensitive Data
Super Admins can mark a property as storing Sensitive Data or Highly Sensitive Data. When a property stores Highly Sensitive Data, the property will be available in fewer tools, and its values will be encrypted so users with access to the property’s values must click to decrypt to view or edit the value. You can also indicate if the Sensitive Data or Highly Sensitive Data property will store protected health information.
By default, data in HubSpot is encrypted in transit and at rest. Marking a property as sensitive adds an additional layer of encryption, application layer encryption, which gives individual accounts and their Sensitive Data increased protection and isolation. Sensitive Data needed for search and reporting are stored in protected environments with highly restricted access. Access to the unencrypted values for Sensitive Data properties is restricted to designated HubSpot applications and user-approved connected private apps. Learn more about using Sensitive Data properties.
To create a Sensitive Data or Highly Sensitive Data property:
- In your HubSpot account, click the settings settings icon in the top navigation bar.
- In the left sidebar menu, navigate to Properties.
- Click Create property.
- Enter the property’s basic details, select the field type, then click the Sensitive data tab.
- To store sensitive information, select Sensitive Data. To store highly sensitive information, select Highly Sensitive Data. Learn more about the types of Sensitive Data you can store in each category.
- If the property will store HIPAA-protected health data, select the Yes, this data contains Protected Health Information (PHI) checkbox.
- To set who has access to view and edit the property, click the Manage access tab, then select an option.
- Finish setting up your property, then click Create.
Please note: the following is expected when creating properties:
- Once a property is created, its Sensitive Data setting cannot be changed. An existing Sensitive Data property cannot be set as non-sensitive, and an existing non-sensitive property cannot be set as sensitive.
- Score and calculation properties cannot store Sensitive Data.
- You cannot require unique values for Sensitive Data properties.
Additional resources
- For more information about HubSpot’s security program, refer to the HubSpot Trust Center.
- To learn how Sensitive Data affects other HubSpot tools, refer to this article.
- To learn how to manage Sensitive Data via API, refer to the developer documentation.