Text Link

HIPAA Compliant Chat: 6 Steps that Ensure Ravience's HIPAA Compliance

Find out the steps we take to provide a HIPAA compliant chat service to our clients and protect their patients' health information.

 Min read
January 7, 2021

Medical providers and companies working with patient data need to go the extra mile to ensure they work with HIPAA compliant chat providers to protect patient health information. Working with a live chat service that isn't well-versed with HIPAA compliance could mean:

  • Hefty fines
  • Employee termination
  • Sanctions by medical boards
  • Expensive lawsuits
  • Restitutions

We take HIPAA compliance very seriously and are buttoned-up internally and with our supply chain.

Every company working with patients should exercise diligence and ensure their practice follows HIPAA at all times. At Ravience, we know how important it is to take proper care of your customer’s medical information. Thus, we've taken the extra steps to be a HIPAA compliant chat agency. So you can help patients on live chat knowing their personal information is safe and secure.

1. We Secure Data With a US Host

Foreign servers can act outside HIPAA laws and US jurisdiction. Thus, we've chosen a secure US data center to host all our information to make sure it's protected under HIPAA.

2. We Disable and Delete Chat Transcripts

Sending transcripts with sensitive data via email is inherently insecure. Though we typically email transcripts, we disable this feature for HIPAA-compliance. We take it a step further and delete transcripts from our technology provider's servers after a chat as well.

Related: Everything You Need to Go Live With Live Chat

3. We Turn Off Third-Party Integrations

Data moves back and forth between your chat platform and third-party integrations like Google Analytics. This means Google or any other integration receives data from your live chats. Most live chat services are unaware of this leak, but our understanding gives you extra precaution.

4. We Stop File Sharing During Chats

Live chat platforms can send and receive files between agents and visitors. For example, a patient could send a picture of their:

  • Personal information
  • Medication list
  • Medical history
  • Insurance card
  • Doctor referral

Even if agents delete transcripts, servers store the raw data making it vulnerable. As a HIPAA compliant live chat, we stop file sharing so the data doesn't sit in our servers.

5. We Make Agents Login With 2-Step Verification

All our chat agents must log in with Google's 2-step verification. This process adds extra defense against hackers looking to steal valuable information.

Related: Case Study: Advanced Pain Care

6. We Have a BAA With Our Software Provider

To become a HIPAA compliant live chat, we signed a HIPAA Business Associate Addendum (BAA) with our chat technology vendor. By signing a BAA with our service providers, we make sure our supply chain is HIPAA compliant as well.

Choose a HIPAA Compliant Live Chat With Diligence

You can't afford to put your patients at risk with a live chat provider who does not understand the nuances of HIPAA.

Choosing a provider that merely states 'HIPAA compliant' is a recipe for disaster. You need to dig deep and find out exactly how they comply.

At Ravience, we're proud to have taken all the steps to become a HIPAA compliant chat company. It's opened up an opportunity to work with the largest hospital network in Colorado.

Want to learn more about how Ravience can install HIPAA compliant live chat for your practice? Reach out to us via chat or our contact form.

Here are a few of our HIPAA-Compliant Customers:

Advanced Pain Care
Children's Hospital of Colorado

Like the article? Spread the word

Get raving fan content straight to your inbox.

Join the thousands of others on the Raving Fans email list to receive premium content, exclusive free goods, and all the must-know on a weekly basis.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.