Medical providers and companies working with patient data need to go the extra mile to ensure they work with HIPAA compliant live chat providers to protect patient health information. Working with a live chat service that isn’t well versed in HIPAA compliance could mean:

  • Hefty fines
  • Employee termination
  • Sanctions by medical boards
  • Expensive lawsuits
  • Restitutions

We take HIPAA compliance very seriously and are buttoned up internally and with our supply chain.

Every company working with patients should exercise diligence and ensure their practice follows HIPAA at all times. At Flow, we know how important it is to take proper care of your customers’ medical information. Thus, we’ve taken the extra steps to be a HIPAA compliant live chat agency, so you can help patients on live chat knowing their personal information is safe and secure.

1. We Secure Data With a US Host

Foreign servers can act outside HIPAA laws and US jurisdiction. Thus, we’ve chosen a secure US data center to host all our information to make sure it’s protected under HIPAA. 

2. We Disable and Delete Chat Transcripts

Sending transcripts with sensitive data via email is inherently insecure. Though we typically email transcripts, we disable this feature for HIPAA compliance. We take it a step further and delete transcripts from our technology provider’s servers after a chat as well.

3. We Turn Off Third-Party Integrations 

Data moves back and forth between your chat platform and third-party integrations like Google Analytics. This means Google or any other integration receives data from your live chats. Most live chat services are unaware of this leak, but our understanding of it gives you an extra precaution.

4. We Stop File Sharing During Chats

Live chat platforms can send and receive files between agents and visitors. For example, a patient could send a picture of their: 

  • Personal information
  • Medication list
  • Medical history
  • Insurance card
  • Doctor referral

Even if agents delete transcripts, servers store the raw data, making it vulnerable. As a HIPAA compliant live chat, we stop file sharing so the data doesn’t sit on our servers.

5. We Make Agents Log In With 2-Step Verification

All our chat agents must log in with Google’s 2-step verification. This process adds an extra layer of defense against hackers looking to steal valuable information.

6. We Have a BAA With Our Software Provider

To become a HIPAA compliant live chat, we signed a HIPAA Business Associate Addendum (BAA) with our chat technology vendor. By signing a BAA with our service providers, we make sure our supply chain is HIPAA compliant as well.

Choose a HIPAA Compliant Live Chat With Diligence

You can’t afford to put your patients at risk with a live chat provider who does not understand the nuances of HIPAA.

Choosing a provider that merely states ‘HIPAA compliant’ is a recipe for disaster. You need to dig deep and find out exactly how they comply. 

At Flow, we’re proud to have taken all the steps to become a HIPAA compliant live chat. It’s opened up an opportunity to work with the largest hospital network in Colorado. 

Want to learn more about how Flow can install HIPAA compliant live chat for your practice? Reach out to us via chat or our contact form.