The digital transformation in healthcare has increased the need for cloud solutions. Subsequently, healthcare professionals are looking for HIPAA compliant products and services. Medical professionals are implementing virtual meeting services now more than ever. This leaves many providers curious about Zoom's HIPAA compliance and wondering if Zoom products are right for them. Zoom can be configured for HIPAA compliance, but there are many factors for covered entities to remember when using the platform. Paubox is a business associate to thousands of healthcare providers. Many of our customers ask about Zoom, so we created this guide as an answer your questions about how to use Zoom's products in a HIPAA compliant manner.
UPDATE: In April 2020, in connection with the COVID-19 pandemic, the Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) announced the Notification of Enforcement Discretion, which allows healthcare providers to use widely available communication apps, such as [name of the app], for telehealth services without the risk of incurring HIPAA fines. For more information, check out this recent Paubox blog post.
Is Zoom HIPAA compliant in 2020?
This is the question we get most often. In short, yes, Zoom can be HIPAA compliant— IF it is configured correctly. For one thing, a business associate agreement (BAA) must be in place. This is necessary by law for HIPAA compliance. The BAA is part of Zoom’s Healthcare plan. This special HIPAA plan has different pricing and configuration settings.
Read the full article to learn all the details.
What Zoom services are HIPAA compliant?Zoom has a lot of different products. Not all of its services can be configured to be HIPAA compliant. Here is a breakdown of Zoom’s products that can be configured for use by covered entities:
All of these cloud services are within the scope of the Zoom BAA and can become HIPAA compliant when set up correctly.
How to make sure your Zoom meeting is secure
Zoom is an easy target for security breaches, but this can be avoided by taking precautions. Make sure Zoom meetings with patients or other healthcare providers meet HIPAA guidelines. There are simple configuration steps you can take to ensure that your video conferences are more secure. Check out this blog for specific settings and directions.
HIPAA Critical Podcast on Zoom security
Episode 12 of Paubox’s HIPAA Critical podcast talks all about Zoom security. It also covers other relevant topics like COVID-19 and teleworking. Listen to the podcast or read the full transcript here. You will learn more about Zoom security, plus what the company has in its pipeline for healthcare.
Other HIPAA compliant software options
Zoom is a suitable web conferencing platform for healthcare professionals. However, there are other effective ways to communicate with patients as well. For instance, it is important for your business to have a HIPAA compliant email platform. Paubox Marketing is a simple solution to for personalized healthcare email marketing. It allows you segment your recipients and include protected health information (PHI) in your marketing emails without relying on logins or portals. You can use Paubox Marketing to write an effective healthcare email newsletter and improve patient outcomes. Simply put, it is the best HIPAA compliant email marketing solution available. Email marketing can accomplish many things. For example, they can help educate patients, increase patient activation , improve patient outcomes by preventing adverse events , and even protect patients from coronavirus . To sum up, Zoom and Paubox Marketing can be used together for HIPAA compliant communication. Their combination can provide a solid foundation for modernizing your medical practice.