RingCentral says that is compliant and meets HIPAA standards and regulations. Healthcare organizations must use proper security measures and obtain a signed business associate agreement (BAA) from RingCentral.
The service boasts a “seven layers of security” approach to securing data that transfers through their services. These seven layers include physical, network, data, host, business process, application, and enterprise-level security measures.
Available security measures include transmission security in the form of transport layer security (TLS) and secure real-time transport protocol (SRTP). This encryption means that information should be secure at rest and when in motion. Infrastructure security uses vulnerability scans, firewalls, user authentication, and intrusion detection. Additionally, RingCentral data centers have security protocols with onsite guards and electronic prevention systems.
Healthcare customers must implement proper security measures using the features listed above. Employee training is another important element to ensure the team is using these cloud services in a HIPAA-compliant manner.