Is Google Meet HIPAA Compliant?

Answer: Google Meet is HIPAA compliant, but you first have to sign the Business Associate Agreement (BAA).

Is Google Meet HIPAA Compliant_

Many healthcare companies and hospitals use Google Meet as their video communication service of choice.

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a federal law that governs the privacy of medical records. This law ensures that companies or organizations do not share patients’ data without their consent. It also ensures that the information is kept confidential and private.

When managing patient data, you must ensure their information is secure and HIPAA compliant. This is what you need to know:

  • As a Google enterprise cloud platform, Google Meet is HIPAA compliant. However, users must sign a Business Associate Agreement (BAA) first. We show you how to do so in this guide.
  • Only the Google workspace administrator can sign and receive a BAA.
  • To sign the BAA, you must have a Google Workspace premium account.
  • Google manages and discloses Protected Health Information (PHI).
  • Google has one BAA cover for all its Google Workspace applications.
  • Google has an extensive Google Workspace and Cloud Identity HIPAA Implementation Guide, which you should read.

Important: This article should not be considered legal advice. You should seek advice to ensure you comply with all HIPAA regulations.

How to sign the BAA to become HIPAA compliant

  1. Sign into your Google workspace Admin console.
  2. Click on the three horizontal bars to open the main menu. After that, click @ Account from the list, then select Account settings from the drop-down.

    Open your Google Workspace admin console and go to account settings.
    Open your Google Workspace admin console and go to account settings.

  3. From the new page, select Legal and compliance.

    At Account settings scroll down to legal and compliance
    Under Account settings, scroll down to Legal and compliance.

  4. Scroll down to “Security and Privacy Additional Terms” and click anywhere. Under “Google Workspace/Cloud Identity HIPAA Business Associate Amendment,” click Review and Accept.

    Choose to review and accept HIPPA BAA
    Choose to review and accept HIPAA BAA.

  5. To confirm that you are a HIPAA-covered entity, Google will ask you three questions. Submit your responses, then click OK.

    Answer questions to confirm you are a HIPPA compliant firm.
    Submit responses, then click OK.

  6. From the new pop-up, review the amendment and click I Accept.

    Read through the amendment and accept.
    Read through the amendment and accept.

  7. Google will notify you that you have successfully signed the HIPAA BAA. After that, click Done.

    Google notifies you the amendment signing is successful
    Google notifies you the amendment signing is successful.

What information does HIPAA protect?

While the list of PHI is extensive, the standard data includes:

  1. Patient identity
  2. Patient’s medical history
  3. Payment details
  4. Patient inquiries and claims
  5. Requests for referral authorization

Tl;dr

Is Google Meet HIPAA compliant? Yes and no. To become HIPAA compliant, you must first sign the BAA. Health organizations can demonstrate to patients and regulators that they are willing to meet privacy standards by signing a BAA and complying with HIPAA.

Phoebe is an HR assistant in her day job, but is also a web blogger that loves writing guides and sharing her experiences. When she is not out with her friends, she enjoys traveling or binge-watching Netflix. She graduated with a BA in Communication and Media Studies from the University of Utah, and is a chief editor at TechObservatory.

Leave a Comment