Comcast and the Business Associate Agreement
We’ve previously talked about how a Business Associate Agreement is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance. We checked Comcast’s Customer Privacy Notice and their Small Business Terms and Conditions. We could not find a single mention of “HIPAA” or “Business Associate Agreement.” In the case of free consumer email services, we have yet to find a company offering Business Associate Agreements with free email accounts. In addition, we searched the Comcast Help & Support Forums and found only one forum question regarding Comcast and HIPAA compliance. Unfortunately, it was not answered by anyone who works at Comcast.
Is Comcast HIPAA Compliant?
The Business Associate Agreement is a vital and legally required component to HIPAA compliance between a covered entity and a business associate. Since we could not find any mention of Comcast offering to sign one, we are left to conclude they are not in the business of offering HIPAA compliant email.
Conclusion: Comcast email is not HIPAA compliant.