Is ChatBot HIPAA compliant?

Adding a live chat feature to your website can make it easy to communicate with patients. However, for those in healthcare who handle protected health information (PHI), your live chat option must be HIPAA compliant.

Today let’s look at ChatBot for HIPAA compliance.

About ChatBot

ChatBot is an “all-in-one platform to build and launch conversational chatbots without coding.” 

Features of ChatBot include ready-to-use templates, open API, metrics and reporting, and app integration (such as Facebook Messenger or LiveChat).

ChatBot and business associate agreements

A covered entity and a business associate must sign a business associate agreement (BAA) to remain HIPAA compliant.

We found no information about BAAs on ChatBot’s website.

ChatBot and PHI

PHI is any type of information that can identify a patient and that is used during patient care. Keeping PHI safe from data breaches (intentional or accidental) is a key factor of HIPAA compliance.

ChatBot offers no information about PHI on its website. 

The company does, however, collect personal information about its users. Per its privacy policy, personal information includes usernames, age, addresses, contact details, chat history, and credit card information. 

ChatBot does allow authorized employees and third parties, such as contractors or partners, to access this information.

Conclusion

One of the key components of HIPAA compliance is an executed BAA. We found no information on ChatBot’s willingness to sign a BAA. Therefore ChatBot is not HIPAA compliant. 

Covered entities who choose to use ChatBot as a live chat option on their websites must not use, send, or store any PHI on the platform.

Communicate directly with HIPAA compliant email

Live chat solutions can offer an easy way to speak with patients; however, not every solution is HIPAA compliant.

Those in healthcare who want to send direct, hassle-free communication to their patients (including PHI) should consider using a HIPAA compliant email solution, like Paubox Email Suite.

Our solution ensures that 100% of the emails you send are secure, but with the added benefit of making the experience seamless. As soon as the product is configured, all outbound emails will be encrypted. 

Paubox Email Suite integrates with your existing email platform (like Google Workspace or Microsoft 365), so you won’t have to worry about changing your email workflow to use it.

Try Paubox Email Suite for FREE today.

About the author

Hannah Trum
