HIPAA Compliance


HIPAA is the Health Insurance Portability and Accountability Act of 1996. HIPAA is a federal law that outlines national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects a subset of information covered by the Privacy Rule. 

CometChat completes an annual audit to ensure that we meet or exceed the Security and Privacy Rules as related to a Business Associate.

What is involved in a HIPAA plan with CometChat?

Our HIPAA offering includes a Business Associate Agreement (BAA), which is required for HIPAA compliance. If you are subject to HIPAA and providing or processing any PHI in connection with CometChat Services, you must notify us, either by contacting your account manager or submitting a request here, and enter into a BAA. As a business associate, CometChat will take on additional legal obligations even though it cannot confirm the details of data collected or exercise control over users. Depending on your plan, there may be an additional charge for adding a BAA to your account.

Core chat, voice, and video are HIPAA compliant. For any features that require third-party integration, the Customer should verify HIPAA compliance before integrating via API key or other means.

If you have entered into a BAA with CometChat, this will be shown on your monthly invoice, found in your CometChat dashboard. Ensuring that you are using only HIPAA-compliant features, notifying us that you are subject to HIPAA, and all other HIPAA compliance are your responsibility.

