With videoconferencing virtually everywhere and telehealth growing in popularity, finding a telecommunication application or provider that is HIPAA compliant is vital to your business. One of the earliest widespread teleconferencing tools was Microsoft Lync 2010.
HIPAA Compliant Software Usage
Under HIPAA, software companies that “touch” (create, receive, maintain, or transmit) protected health information (PHI) are considered business associates. For HIPAA compliant use, software must have technical and administrative safeguards securing the PHI that is transmitted, stored, received, maintained, or created through them. Additionally, there must be a signed business associate agreement between a covered entity and the business associate before the platform can be utilized in conjunction with PHI.
However, no software can be fully HIPAA compliant; it is up to the end user to ensure that they are using the platform in a HIPAA-compliant manner.
Is Microsoft Lync HIPAA Compliant: Safeguards
Many IT professionals remember that Microsoft Lync was notorious for being difficult to manage and configure. In spite of that, it was possible to deploy Lync on-site in a way that met the HIPAA requirements for compliance.
Unfortunately, if you’re still using Lync in your organization, the bad news is that Lync has officially reached its end of life. That means Microsoft will no longer provide support, including vital security updates.
Is Microsoft Lync HIPAA Compliant: Business Associate Agreement
Microsoft states on their website that they are willing to sign business associate agreements. However, the validity of such an agreement would be highly questionable given the application’s end of life status.
Is Microsoft Lync HIPAA Compliant?
When used properly, is Microsoft Lync HIPAA compliant? The answer is no. A lack of available support and security updates means that Lync users seeking compliance should break their connections to the application.
For more information on HIPAA compliant teleconferencing tools please click here.