Help Scout is a software provider that offers help desk services including a knowledge base and customer support platform. But is Help Scout HIPAA compliant? The answer is discussed below.
Is Help Scout HIPAA Compliant: Security Features
An important part of complying with HIPAA is ensuring the confidentiality, integrity, and availability of protected health information (PHI). This is accomplished by implementing security features that prevent the unauthorized use and disclosure of PHI.
Help Scout offers the following security features:
Confidentiality. Help Scout implements encryption to secure data transmitted and stored through their platform. Encryption masks sensitive data, preventing unauthorized access as only those possessing a decryption key can access the data.
Integrity. PHI integrity refers to how data is altered or destroyed. To ensure the integrity of PHI, data cannot be deleted or altered without authorization. As such, Help Scout gives administrators the ability to delete data, and Help Scout only accesses a customer’s account when a request is made by the user for assistance.
Availability. It is essential that data can always be accessible when needed. Help Scout enables data backup so that data can be easily accessed and restored should the original copies of PHI be damaged or destroyed. In addition, Help Scout allows users that decide to cancel their accounts the ability to access their data at any time.
To read more about Help Scout and HIPAA, please click here.
Is Help Scout HIPAA Compliant: Business Associate Agreements
Even when a software platform is secure, it cannot be considered HIPAA compliant if the software provider is unwilling or unable to sign a business associate agreement (BAA). A BAA is a legal document that mandates the protection a business associate is required to have in place securing PHI. A BAA also requires each signing party to be responsible for maintaining their own HIPAA compliance.
As a software provider is considered a business associate under HIPAA, healthcare organizations must have a signed BAA with the provider before it is permitted to share PHI with the provider.
Help Scout states on their website that they are willing to sign a BAA with their “Plus” and “Company” customers.
For more information on Help Scout and BAAs:
For subcontractors: https://www.helpscout.net/company/legal/baa-subcontractor
For covered entities: https://www.helpscout.net/company/legal/baa-covered-entity
Is Help Scout HIPAA Compliant?
Is Help Scout HIPAA compliant? Yes, but only for Plus and Company customers, provided you have a signed BAA and utilize the software in a HIPAA compliant manner.
