The 6 Steps Flow Takes To Ensure HIPAA Compliant Live Chat
Find out the steps we take to be a HIPAA compliant live chat service and protect your patients' health information.
Medical providers and companies working with patient data need to go the extra mile to ensure they work with HIPAA compliant live chat providers to protect patient health information. Working with a live chat service that isn’t well-versed in HIPAA compliance could mean:
- Hefty fines
- Employee termination
- Sanctions by medical boards
- Expensive lawsuits
We take HIPAA compliance very seriously and are buttoned-up internally and with our supply chain.
Every company working with patients should exercise diligence and ensure their practice follows HIPAA at all times. At Flow, we know how important it is to take proper care of your customers’ medical information. That’s why we’ve taken the extra steps to be a HIPAA compliant live chat agency, so you can help patients on live chat knowing their personal information is safe and secure.
1. We Secure Data With a US Host
Foreign servers can act outside HIPAA laws and US jurisdiction. Thus, we’ve chosen a secure US data center to host all our information to make sure it’s protected under HIPAA.
2. We Disable and Delete Chat Transcripts
Sending transcripts with sensitive data via email is inherently insecure. Though we typically email transcripts, we disable this feature for HIPAA compliance. We take it a step further and delete transcripts from our technology provider’s servers after a chat as well.
3. We Turn Off Third-Party Integrations
Data moves back and forth between your chat platform and third-party integrations like Google Analytics. This means Google or any other integration receives data from your live chats. Most live chat services are unaware of this leak, but because we understand it, we turn these integrations off as an extra precaution.
4. We Stop File Sharing During Chats
Live chat platforms can send and receive files between agents and visitors. For example, a patient could send a picture of their:
- Personal information
- Medication list
- Medical history
- Insurance card
- Doctor referral
Even if agents delete transcripts, servers store the raw data, making it vulnerable. As a HIPAA compliant live chat, we stop file sharing so the data doesn’t sit on our servers.
5. We Make Agents Log In With 2-Step Verification
All our chat agents must log in with Google’s 2-step verification. This process adds extra defense against hackers looking to steal valuable information.
6. We Have a BAA With Our Software Provider
To become a HIPAA compliant live chat, we signed a HIPAA Business Associate Addendum (BAA) with our chat technology vendor. By signing a BAA with our service providers, we make sure our supply chain is HIPAA compliant as well.
Choose a HIPAA Compliant Live Chat With Diligence
You can’t afford to put your patients at risk with a live chat provider who does not understand the nuances of HIPAA.
Choosing a provider that merely states ‘HIPAA compliant’ is a recipe for disaster. You need to dig deep and find out exactly how they comply.
At Flow, we’re proud to have taken all the steps to become a HIPAA compliant live chat. It’s opened up an opportunity to work with the largest hospital network in Colorado.
Want to learn more about how Flow can install HIPAA compliant live chat for your practice? Reach out to us via chat or our contact form.