Yes, Google Hangouts has stated that it's some features are HIPAA compliant. Google will sign a business associate agreement (BAA) with protected entities.
Security features provide privacy controls that notify you when unauthorized access occurs. These controls must be configured before using Google Hangouts for protected health information (PHI). Using Google Hangouts on a mobile device could violate HIPAA rules.
Each covered entity needs to have a signed business associate agreement (BAA). Google will sign this agreement for customers with a Google Workspace Business or Enterprise account. Customers using the free version of Google Hangouts cannot obtain a signed BAA, so the free account shouldn’t be used for PHI.
Even with a signed BAA in place, covered entities need to be cautious. This BAA doesn’t include specific features, such as video chat and VOIP. With a signed BAA, healthcare providers may use the Hangouts text chat messaging feature only. When your organization needs video chat services, it’s best to select an alternative tool (like Google Meet) that follows HIPAA requirements.
If your organization is planning to use Google Hangouts for PHI, refer to Google’s user guide for detailed information about security and privacy controls.