Is Intercom HIPAA Compliant?

March 17, 2018

Intercom’s messaging software-as-a-service solutions are popular with companies for conversing with potential clients. The solutions have potential for use in the healthcare industry for communicating with patients, but is Intercom HIPAA compliant? Can the company’s solutions be used in connection with electronic protected health information (ePHI), or would that be a violation of HIPAA Rules?
Is Intercom Ready to Sign a Business Associate Agreement?
HIPAA covered entities and their business associates are only allowed to use software products and services in connection with electronic protected health information if safeguards are in place to protect the confidentiality, integrity, and availability of ePHI. Any software platform should include audit and access controls, and data should be properly safeguarded in transit and at rest.
Before a software-as-a-service product can be used to transmit or store ePHI, a HIPAA covered entity should enter into a business associate agreement with the service provider in which the service provider’s responsibilities under HIPAA are explained.
There are exceptions for certain service providers such as ISPs. ISPs are exempted under the HIPAA Conduit Exception Rule. Messaging services such as those provided by Intercom are not exempted, and a business associate agreement would need to be obtained before the service can be used.
In Intercom’s terms and conditions, it is made clear that Intercom doesn’t consider itself a business associate and will not sign a business associate agreement with HIPAA covered entities. The company also states that the platform must not be used for gathering, storing, processing, or transmitting confidential private information.
Is Intercom HIPAA Compliant?
Presently, Intercom doesn’t categorize itself as a business associate and will not sign a business associate agreement with HIPAA covered entities. The platform also doesn’t have the necessary confidentiality and security controls to be used in connection with electronic protected health information.
As a result, Intercom isn’t HIPAA compliant and must not be used by healthcare organizations for sending or storing any ePHI.

Daniel Lopez

Daniel Lopez stands out as an exceptional HIPAA trainer, dedicated to elevating standards in healthcare data protection and privacy. Daniel, recognized as a leading authority on HIPAA compliance, serves as the HIPAA specialist for Healthcare IT Journal. He consistently offers insightful and in-depth perspectives on a wide range of HIPAA-related topics, addressing both typical and complex compliance issues. With his extensive experience, Daniel has made significant contributions to multiple publications such as hipaacoach.com, ComplianceJunction, and The HIPAA Guide, enriching the field with his deep knowledge and practical advice in HIPAA regulations. Daniel offers a comprehensive training program that covers all facets of HIPAA compliance, including privacy, security, and breach notification rules. Daniel's educational background includes a degree in Health Information Management and certifications in data privacy and security. You can contact Daniel via HIPAAcoach.com.
