No, Avast has declared that it is not a suitable tool for PHI because the service is unclear about HIPAA compliance. Also, Avast won’t sign a BAA.
Avast offers security features that seem to comply with specific HIPAA regulations. But the only mention of HIPAA on their website is in a press release about Virtual Mobile Platform (VMP). Avast VMP allows users to share photos and medical images securely, without storing the data on a personal device. Also, all IM messages and phone calls are encrypted, which may fit HIPAA requirements.
There is no mention of HIPAA on the VMP web page or the Avast website. Because Avast won’t sign a BAA, it’s best for covered entities to use another service for protected health information.