Since Paubox is a Business Associate to thousands of customers, we’ve been wondering if they are able to use RingCentral in a HIPAA compliant manner. In fact, we've noticed more vendors, customers, and prospects asking about HIPAA compliant services. This is especially true now as we see an accelerated, long overdue adoption of digital transformation in healthcare.
We know the HIPAA industry is vast, so we can empathize with just how many people need to use cloud services in this sector. Today we will determine if RingCentral offers HIPAA compliant fax service or not.
RingCentral
RingCentral is a provider of cloud-based business phone systems. RingCentral was founded in 1999 by Vlad Shmunis and Vlad Vendrow. It went public in 2013 under the ticker symbol RNG.
What is a Business Associate?
A Business Associate is a person or company that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) for a Covered Entity. In a nutshell, the role of a Business Associate is to help Covered Entities comply with the HIPAA Privacy Rule
Read full article: What does it mean to be a Business Associate?
Business Associate Agreement provisions
If a Business Associate provides services to a Covered Entity, then a Business Associate Agreement (BAA) must be in place. A BAA is a written contract between a Covered Entity and a Business Associate and is required by law for HIPAA compliance. At a minimum, a Business Associate Agreement contains 10 provisions.
Read full article: Business Associate Agreement Provisions
RingCentral and the Business Associate Agreement
We checked the RingCentral site for mention of their ability to sign a Business Associate Agreement (BAA). We found the following pages:- RingCentral Business Associate Agreement (BAA)
- RingCentral HIPAA Compliance
- Healthcare Phone Systems
From these pages, we can see that:
- RingCentral is willing to sign a BAA with its customers
- Customers need to request the RingCentral BAA from their RingCentral representative
- RingCentral will not sign a customer’s own BAA
- At least one of RingCentral's products are HITRUST CSF certified
See also: (HITRUST) Case Study: Paubox
Does RingCentral offer HIPAA Compliant Service?
The Business Associate Agreement (BAA) is a key component to HIPAA compliance between a Covered Entity and a Business Associate. We were able to learn the following about RingCentral and its ability to be considered a HIPAA compliant solution:- RingCentral is willing to sign BAA with its customers. It should be noted however, RingCentral will only sign its own BAA, not BAAs submitted by customers
- At least one RingCentral solution is HITRUST CSF certified
Conclusion: RingCentral is a HIPAA compliant cloud service, provided you sign a BAA with them.