Is Google Meet HIPAA Compliant?
If you’re subject to HIPAA (i.e. involved in the healthcare sector), then you must know about the HIPAA compliance for the apps you’re using. In that respect, Google Meet is indeed HIPAA compliant. In fact, G Suite in its entirety is compliant. This includes many useful apps such as Google Chat, Google Meet, Google Docs, Google Calendar, and many others.
Read on for a detailed overview and instructions for using Google Meet under HIPAA.
Even though Google Meet is HIPAA compliant, there are rules you need to follow to keep it that way. First, you need to subscribe to Google G Suite and use Google Meet in association with your premium account. Note that the free version of Google Meet isn’t HIPAA compliant.
Second, to protect the PHI (protected health information) of your patients and comply with the Health Insurance Portability and Accountability Act, you must sign a Business Associate Agreement with Google.
Review the BAA thoroughly, and if you agree with the content, you can accept it. You can only do that if you’re the administrator of the G Suite account your company or organization is using. Here’s how to receive the BAA:
- Log in to the Google Admin console.
- Select your Company Profile.
- Then, tap on Show More, followed by Legal and Compliance.
- Select the Review and Accept button regarding the HIPAA BAA.
- Answer the questions, accept the BAA. Only proceed if you’re an entity covered by HIPAA.
G Suite HIPAA Compliance Tips
If you meet all the requirements from the previous section, and you have completed everything accordingly, there are still measures you need to make. You should know which parts of G Suite are HIPAA compliant:
- Google Meet (previously Hangouts Meet)
- Google Drive (Docs, Forms, Sheets, and Slides)
- Google Sites
- Google Keep
- Google Calendar
- Google Cloud Search
These are the apps that are entirely covered. Some partially covered apps include Google Hangouts, which only has HIPAA compliant text chat, and Google Voice for managed users exclusively. The best place to learn more about HIPAA compliance related to G Suite is from this document.
It’s an official HIPAA implementation guide provided by Google. Read it carefully and share it with your employees, so everyone is on the right track. Signing the BAA and using only the HIPAA compliant app features is just half of the job.
You need to make sure to keep the PHI safe at all times. Use two-factor authentication, strong passwords, and manage the permissions you’re giving to employees. You should never let your guard down and become complacent because that’s when mistakes can happen.
Take Full Advantage of the G Suite
Besides video-conferencing enabled by Google Meet, G Suite brings many other HIPAA covered tools. You’ve got text messaging with Google Hangouts, just make sure not to use its VOIP, video, or SMS features.
Google Keep is there for making quick notes on the go without worries. Gmail is one of the best email clients, but the G Suite version is even better than the free one. With G Suite, you can get up to 30 gigabytes of extra storage. Plus, this version of Gmail is ad-free.
Google Calendar is best used in combination with Google Meet, for seamless meeting scheduling with your team. Google Drive is also HIPAA compliant, and a great storage facility for all sorts of files across many devices. In turn, Google Docs can be used for editing and viewing those files.
The list goes on, but you get the point. G Suite is a package deal, and if you’re a HIPAA covered entity, you can make great use out of it.
HIPAA Compliant Meetings
Online video conferencing with Google Meet is incredibly useful, especially when you’re physically detached from your patients, employees, or customers. For HIPAA covered entities, it’s of utmost importance that the service is fully covered and protects the PHI.
G Suite provides an array of amazing apps, which are all built to work in unison. Which of the apps is your favorite? Did you manage to get everything in order? Let us know in the comments section below.