Lately we’ve been discussing in the office whether certain cloud-based solutions are HIPAA compliant or not. Zoom is a widely used video communications company located in Silicon Valley.
We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.
In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:
- Amazon CloudFront
- Apple iCloud
- Apple iMessage
- Citrix ShareFile
- Google Calendar
- Google Docs
- Google Drive
- Google Forms
- Google Hangouts
- Google Slides
- Google Voice
- Office 365
- Return Path
The purpose of this post is to determine if Zoom offers HIPAA compliance or not.
SEE ALSO: HIPAA Breaches and Cloud Providers
Zoom was founded in 2011 by engineers from Cisco Systems and its collaboration business unit, WebEx. The service launched in January 2013 and by May 2013, it claimed one million participants. The service has taken off since then and I’m happy to say we are also Zoom customers.
Zoom and the Business Associate Agreement
We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance.
We checked Zoom’s site and found a blog post from 20 April 2017 titled, “Introducing Zoom for Telehealth.”
The post appears to be Zoom’s initial public announcement on its HIPAA compliant offerings. It also references Zoom for Telehealth.
The Zoom for Telehealth page mentions that:
“Signed Business Associate Agreement available to Zoom for Telehealth customers.”
We also found a FAQ article about Zoom and HIPAA Compliance.
It looks like there are some important settings to be aware of once HIPAA compliance is enabled for Zoom customers.
Does Zoom Offer HIPAA Compliant Service?
The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.
We quickly found information on Zoom’s website that they do in fact offer HIPAA Compliant services.
Zoom can be configured to be HIPAA compliant.
Make sure you sign a Business Associate Agreement with them.