Is Intercom HIPAA compliant?

Featured image

Share this article

Is Intercom HIPAA Compliant? - Paubox

Lately we’ve been discussing in the office whether certain cloud-based solutions are HIPAA compliant or not. Intercom is popular customer messaging platform.

We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.

In previous posts, we’ve covered the following cloud solutions and their capabilities for HIPAA compliance:

The purpose of this post is to determine if Intercom offers HIPAA compliance or not.

SEE ALSO: HIPAA Breaches and Cloud Providers

About Intercom

Intercom is a US-based software company that makes a customer messaging platform. The company allows software businesses to chat with prospective and existing customers within their app, on their website, through social media, or via email.

Intercom and the Business Associate Agreement

We’ve previously talked about how a Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate. It is required by law for HIPAA compliance to ensure security and privacy.

We checked the Intercom site and quickly found what we were looking for on their Terms and Conditions page.

In it, Intercom points out:

No Sensitive Personal Information. Customer specifically agrees not to use the Services to collect, store, process or transmit any Sensitive Personal Information. Customer acknowledges that Intercom is not a Business Associate or subcontractor (as those terms are defined in HIPAA) or a payment card processor and that the Services are neither HIPAA nor PCI DSS compliant. Intercom will have no liability under this Agreement for Sensitive Personal Information, notwithstanding anything to the contrary herein.

Does Intercom Offer HIPAA Compliant Service?

The Business Associate Agreement is a key component to HIPAA compliance between a Covered Entity and a Business Associate.

Since Intercom specifically states in their Terms and Conditions that they do not offer a BAA nor do they allow customers to store PHI in their platform, we conclude it is not a HIPAA compliant service.

Conclusion: Intercom is not HIPAA Compliant.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022