by Hoala Greevy CEO of Paubox
Article filed in

I Have A Small Medical Office, Is Sonic Email HIPAA Compliant?

by Hoala Greevy CEO of Paubox

I Have A Small Medical Office, Is Sonic Email HIPAA Compliant? - Paubox

Today we received an inbound inquiry from an owner of a small medical office in Northern California. She asked whether it’s possible to use our HIPAA compliant email solution with her email provider, Sonic.

We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.

In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:

The purpose of this post is to determine if Sonic offers HIPAA compliance or not.

SEE ALSO: HIPAA Breaches and Cloud Providers

About Sonic

Sonic is a telecom and ISP based in Santa Rosa, California. It also acts as a competitive local exchange carrier in the San Francisco Bay Area and Sacramento.

Sonic and the Business Associate Agreement

We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.

We checked Sonic’s site and found no reference of them offering to sign a BAA or their aptitude for providing HIPAA compliant email services.

We did however, find an interesting forum post entitled, HIPAA compliance, dated 27 March 2014.

In it, a user asks:

“Is the fax line service HIPAA compliant?”

Less than an hour later, Sonic CEO Dane Jasper replies:

“No, we do not certify HIPAA compliance for our FaxLine service. Please do not use the service where HIPAA is required.”

Does Sonic Offer HIPAA Compliant Service?

The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.

Sonic makes no official reference to signing a BAA or offering HIPAA compliant services on their corporate site.

In addition, their CEO specifically stated in their user forum not to use their infrastructure for HIPAA compliant faxing.

G Suite email isn’t HIPAA compliant out of the box.
Download the Quick Guide to HIPAA Compliant Email for free.

Conclusion: Sonic does not appear to offer HIPAA Compliant Email.

We therefore cannot recommend using their email service for HIPAA compliant email.