We have been seeing quite a few HIPAA entities using AOL email for business use in healthcare. We get calls and emails from all over the country about whether AOL is a HIPAA compliant email provider or not. Most of these inquiries, as you can imagine, are coming from small private practitioners. In previous posts, we’ve covered email providers like Gmail, Hotmail, Yahoo, GoDaddy, IPOWER and HostGator and their capabilities for HIPAA compliance. The purpose of this post is to determine if AOL offers HIPAA compliant email or not.
We've previously talked about how a Business Associate Agreement is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance. We checked AOL's Privacy Policy and their Terms of Service. We could not find a single mention of "HIPAA" or "Business Associate Agreement." In the case of free consumer email services, we have not found a single company offering Business Associate Agreements with free email accounts.