Intermedia is a cloud communications provider offering services like voice, video conferencing, email, file sharing, and chat. It supports healthcare organizations by streamlining communication, enhancing productivity, and safeguarding sensitive data. Intermedia states that it can be HIPAA compliant and offers HIPAA-compliant hosting services with appropriate safeguards.
Is Intermedia HIPAA compliant? Yes, Intermedia can be HIPAA compliant.
Will Intermedia sign a business associate agreement (BAA)?
Yes, Intermedia will sign a business associate agreement.
Learn about: What is HIPAA compliant hosting?
What does the Intermedia BAA cover?
The Intermedia BAA applies to all PHI stored or processed through its "Office in the Cloud" services. The company states its services are designed to meet HIPAA privacy and security requirements. Intermedia’s HIPAA whitepaper and website describe protections that include technical and administrative safeguards.
According to Intermedia: “Our policies, procedures, technologies and services are audited by a third-party to validate conformance with HIPAA privacy and security requirements.”
Their BAA covers:
- Protection of PHI across cloud services
- Reporting and mitigation of security incidents
- Access controls and encryption
- Secure backup, tracking, and archiving
- Compliance with HIPAA security and privacy requirements
- Support for access and audit controls
What does the Intermedia BAA exclude?
Intermedia does not publicly list exclusions in its standard HIPAA compliance page, but the company emphasizes that HIPAA compliance depends on proper configuration, use, and the signing of a BAA. Customers must ensure they implement strong access controls, employee training, and routine audits. The platform is not intended for direct patient care or treatment-related decisions, and healthcare organizations must avoid using the services for sensitive disclosures not covered in the BAA.
Conclusion
Intermedia signs a BAA and is therefore HIPAA compliant when used appropriately and configured to meet security standards. However, healthcare organizations must request a BAA and actively manage security responsibilities to ensure ongoing compliance.
Lean about: HIPAA Compliant Email: The Definitive Guide (2025 Update)
FAQs
What is a business associate agreement?
A business associate agreement (BAA) is a legally binding contract establishing a relationship between a covered entity under HIPAA and its business associates. The purpose of this agreement is to ensure the proper protection of personal health information (PHI) as required by HIPAA regulations.
What is HIPAA?
HIPAA sets national standards for protecting the privacy and security of certain health information, known as PHI. HIPAA is designed to protect the privacy and security of individuals’ health information and to ensure that healthcare providers and insurers can securely exchange electronic health information. Violations of HIPAA can result in significant fines and penalties for covered entities.
Who does HIPAA apply to?
HIPAA applies to covered entities, which include healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Kirsten Peremore
