Is Zendesk HIPAA compliant?

Featured image

Share this article

Is-Zendesk-HIPAA-Compliant-Paubox

Providing top of the line customer service is a no brainer in 2020, and using a customer service solution can help. However, covered entities need to make sure any products or services they use are HIPAA compliant. 

Let’s look at Zendesk for HIPAA compliance.

About Zendesk

Zendesk is a customer service software provider based in San Francisco. This solution manages customer queries, provides customer support tools, and helps build customer relationships. 

Products in the Zendesk family are Zendesk Support, Zendesk Chat, Zendesk Talk, and Zendesk Explore. 

Read more: Is Zendesk Chat HIPAA Compliant?

Zendesk and HIPAA compliance

A covered entity and a business associate must sign a business associate agreement (BAA) to remain HIPAA compliant. 

According to Zendesk’s document Advanced Security add-ons (Professional and Enterprise), the Advanced Compliance (Enterprise add-on) “helps fulfill your obligations” under HIPAA.

Zendesk will enter into a BAA for Enterprise customers with this add-on. For a full list of services covered by Zendesk’s BAA, click here.

Zendesk and PHI

Another integral part of HIPAA compliance is keeping protected health information (PHI) safe. Zendesk states in the Advance Compliance document that it “will provide you with appropriate security configuration options to help safeguard protected health information (PHI).”

Free Whitepaper “Barriers to Secure Communication”

Configuring Zendesk for HIPAA compliant use

Zendesk Enterprise plan subscribers must have specific configurations in place for Zendesk accounts to be HIPAA compliant. According to the Security Configuration Requirements for HIPAA Enabled Accounts on Zendesk document, these configurations include: 

  • Secure agent authentication via native Zendesk Support with password settings or by utilizing an internal Single Sign On solution
  • Secure Socket Layer (SSL) encryption on HIPAA enabled accounts
  • Restricting access to certain specific IP addresses 
  • Implementing required API security best practices as outlined in the above-linked document
  • Enabling the “require authentication for download” feature
  • Enforcing a password-locked screensaver or startup screen to engagement after 15 minutes of inactivity

Additionally, healthcare providers will need to monitor staff to avoid accidental PHI transmission. Cybersecurity training for your staff is another precautionary measure that can help keep your practice HIPAA compliant.

Conclusion

Zendesk can be HIPAA compliant for Enterprise plan customers who follow the above-linked security configurations and execute a BAA.

Direct communication with HIPAA compliant email

A HIPAA compliant email solution, like Paubox Email Suite, can offer your practice another direct line of communication with your patients. 

Once configured, all outbound emails will be encrypted. Paubox Email Suite requires no change in your email behavior or your patients’. You send emails directly from your existing email platform (such as Microsoft 365 and Google Workspace), and emails deliver directly to your patients’ inboxes. 

Simply open your inbox, send an email, and leave patient portals and logins behind.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hannah Trum

Read more by Hannah Trum

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022