Is BlueJeans by Verizon HIPAA compliant?

Featured image

Share this article

Is BlueJeans by Verizon HIPAA Compliant? | Paubox

Since Paubox is a Business Associate to thousands of customers, we’ve been wondering if they are able to use BlueJeans by Verizon in a HIPAA compliant manner.

In fact, we’ve noticed more vendors, customers, and prospects asking about HIPAA compliant services.

This is especially true now as we see an accelerated, long overdue adoption of digital transformation in healthcare.

We know the HIPAA industry is vast, so we can empathize with just how many people need to use cloud services in this sector.

Today we will determine if BlueJeans by Verizon offers HIPAA compliant phone service or not.

BlueJeans by Verizon

BlueJeans by Verizon is a cloud-based video conferencing service. Originally named Bluejeans Network, it was acquired by Verizon in May 2020 and subsequently renamed to Bluejeans by Verizon.

BlueJeans was founded in 2009 by Krish Ramakrishnan and Alagu Periyannan.

What is a Business Associate?

A Business Associate is a person or company that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) for a Covered Entity.

In a nutshell, the role of a Business Associate is to help Covered Entities comply with the HIPAA Privacy Rule

Read full article: What does it mean to be a Business Associate?

Secure email for modern healthcare. Right out of the box.

Business Associate Agreement provisions

If a Business Associate provides services to a Covered Entity, then a Business Associate Agreement (BAA) must be in place.

A BAA is a written contract between a Covered Entity and a Business Associate and is required by law for HIPAA compliance.

At a minimum, a Business Associate Agreement contains 10 provisions.

Read full article: Business Associate Agreement Provisions

BlueJeans by Verizon and the Business Associate Agreement

We checked the BlueJeans site for mention of their ability to sign a Business Associate Agreement (BAA).

We found the following pages:

On those pages, we can see that:

  • On one hand, the Bluejeans Anywhere Telehealth Care in the Cloud PDF document claims: “Blue Jeans Network does not store any video conference content, in any format. This security
    infrastructure means Blue Jeans has no control over the content you share via video conference. It is the
    responsibility of HIPAA covered entity to comply with HIPAA regulations, and our secure infrastructure can be
    part of your compliance solution.”
  • In their Terms and Conditions however, Bluejeans by Verizon states: “Customer agrees not to cause, or otherwise request that BlueJeans create, receive, maintain or transmit protected health information (as defined at 45 C.F.R. § 160.103) for or on behalf of Customer in connection with the Service or in any manner that would make BlueJeans a business associate (as defined at 45 C.F.R. § 160.103) to Customer.”

In a nutshell, Bluejeans is trying to eat its cake and have it too.

Bluejeans by Verizon claims you can use their product as part of a HIPAA compliance regime. This claim is likely led by their Sales and Marketing departments.

When you actually read their Terms and Conditions however, Bluejeans states customers cannot use their platform to store or transmit protected health information. This was likely written by Legal department and leads us to conclude that Bluejeans will not sign a BAA.

Does BlueJeans by Verizon offer HIPAA Compliant Service?

The Business Associate Agreement (BAA) is a key component to HIPAA compliance between a Covered Entity and a Business Associate.

We were able to learn the following about BlueJeans by Verizon about their ability to be considered a HIPAA compliant solution:

  • BlueJeans by Verizon explicitly states their customers are not allowed to store or transmit PHI on their platform.
  • While we found a PDF that leads the reader to believe Bluejeans by Verizon is part of a HIPAA compliance regime, this is in fact not the case.

Plain and simple: If a cloud vendor will not sign a BAA with its customers, they are not a HIPAA compliant vendor.

Conclusion: BlueJeans by Verizon is not a HIPAA compliant cloud service.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022