without being an expert in HIPAA compliance I think the asnwer is yes given the information in this security article
Let me know if that works,
Thanks for the quick reply, Peter.
There are certain criteria for a messaging application to be HIPAA-compliant. I read through the HipChat info and see that only the "server" version can be HIPAA-complaint but besides that, I could find no other related info which makes me think that even the server version of HipChat is not HIPAA-compliant out-of-the-box.
Anyone else have any input?
I've found this article about hippa and electronic communication.
after reading it, I understood that unless the storage, in the device receiving the encrypted message, is properly secured it won't be hipaa compliant.
The answer is, sorta.
"New standard – impermissible use/disclosure of (unsecured) PHI presumed to require notification, unless CE/BA can demonstrate low probability that PHI has been compromised based on a risk assessment of at least: – Nature & extent of PHI involved – Who received/accessed the information – Potential that PHI was actually acquired or viewed – Extent to which risk to the data has been mitigated"
While the servers, on the end of the owners of the servers, may be able to view and access logs you cannot. You have no way of proving that you can account for who had viewed the information or who had access to the information. So, while you may not exactly be going against HIPAA because you aren't giving the information to anyone who shouldn't have it...you aren't exactly staying within guidelines because you can't prove who did or didn't have access to it.
...from the beginning. We have built up a lot of content in HipChat, with it being a core tool in our distributed company model. While it is true that we didn’t need to move to Slack immediately, we felt it...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs