Yes, some features in Google Hangouts are HIPAA compliant. Google will sign a business associate agreement (BAA) with protected entities.
Google Hangouts is a communication platform available through Google Workspace. The chat messaging feature in Google Hangouts meets HIPAA compliance standards, which means that covered entities can use it and maintain HIPAA compliance.
Security features provide privacy controls that notify you when unauthorized access occurs. These controls must be configured before using Google Hangouts for protected health information (PHI). Using Google Hangouts on a mobile device could violate HIPAA rules.
Each covered entity needs to have a signed business associate agreement (BAA). Google will sign this agreement for customers with a Google Workspace Business or Enterprise account. Customers using the free version of Google Hangouts cannot obtain a signed BAA, so the free account shouldn’t be used for PHI.
Even with a signed BAA in place, covered entities need to be cautious. This BAA doesn’t include specific features, such as video chat and VOIP. With a signed BAA, healthcare providers may use the Hangouts text chat messaging feature only. When your organization needs video chat services, it’s best to select an alternative tool (like Google Meet) that follows HIPAA requirements.
If your organization is planning to use Google Hangouts for PHI, refer to Google’s user guide for detailed information about security and privacy controls.
Google Hangouts is a communication platform that offers messaging for individuals and businesses. This cloud-based service provides three methods of communication: video chat, VOIP, and instant messaging.
Readers should perform their own research before making the final decision. The information on the JotForm HIPAA Compliance Checker does not constitute official healthcare or legal advice. JotForm is not liable for any damage or liabilities arising out of or connected in any manner with this platform.