Spok Mobile is a clinical communications platform designed to enhance workflow and collaboration among healthcare teams through secure messaging, critical alerting, and mobile communications.
With Spok Mobile, healthcare organizations can improve clinician communication while leveraging the platform for paging, messaging, and alerting services.
Is Spok Mobile HIPAA compliant? Yes, Spok Mobile can be HIPAA compliant when used in accordance with applicable privacy and security obligations.
Yes, Spok will sign a business associate agreement when necessary for HIPAA compliance.
Spok’s BAA governs the handling of protected health information (PHI) in line with HIPAA regulations. Their Acceptable Use Policy states, "For certain health care industry customers of Spok, Spok may access, use or disclose protected health information subject to the Health Insurance Portability and Accountability Act ('HIPAA'). In such instances, Spok complies with applicable privacy and security obligations as a 'business associate' under HIPAA."
Their BAA typically covers:
Spok also clarifies the "conduit exception," stating: "An entity that merely acts as a conduit for PHI…does not access it other than on a 'random or infrequent basis as necessary to perform the transportation service or as required by law.'"
This means that for wireless services, Spok may function as a conduit for PHI without being a business associate, and the BAA does not cover PHI that is simply transported or transmitted without being created, maintained, or accessed for service purposes.
Spok Mobile signs a BAA for applicable healthcare customers and is therefore HIPAA compliant when used according to its Acceptable Use Policy and HIPAA obligations. Users should ensure proper configuration and adherence to HIPAA requirements for handling PHI.
Learn more: HIPAA Compliant Email: The Definitive Guide
A BAA is a legally binding contract establishing a relationship between a covered entity under HIPAA and its business associates.
HIPAA sets national standards for protecting the privacy and security of certain health information.
HIPAA applies to covered entities, including healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates.