Zoom Rooms is a software-based room system that provides an integrated experience for audio conferencing, wireless screen sharing, and video conferencing. They can be used by room-only attendees or remote participants joining from another room, their desktop, or mobile devices.
Zoom Rooms are designed to bring HD video collaboration into any space, be it the office, classroom, or home, and enable in-person and remote participants to interact in real-time.
Is Zoom Rooms HIPAA compliant? Yes, based on our research, Zoom Rooms can be HIPAA compliant.
Will Zoom Rooms sign a business associate agreement (BAA)?
Yes, Zoom Rooms will sign a business associate agreement (BAA), which can be reviewed here.
What does the Zoom Rooms BAA cover?
The Zoom BAA covers the use and disclosure of protected health information (PHI), enabling "covered entities and business associates to enter into agreements with their business associates to ensure that the business associates will appropriately safeguard PHI."
Their BAA covers:
- Protection of PHI in compliance with HIPAA regulations
- AI features and AI Companion functionality (with some healthcare customer limitations)
- Compliance with PIPEDA and PHIPA for Canadian customers
- Zoom Workplace functionality under healthcare plans
What does the Zoom Rooms BAA exclude?
Their terms say, “Certain AI Companion features may not be available at this time for healthcare and higher education customers with BAAs in place.”
Conclusion
Zoom Rooms signs a BAA and is therefore HIPAA compliant.
FAQs
What is a business associate agreement?
A business associate agreement (BAA) is a legally binding contract establishing a relationship between a covered entity under the Health Insurance Portability and Accountability Act (HIPAA) and its business associates. The purpose of this agreement is to ensure the proper protection of personal health information (PHI) as required by HIPAA regulations.
What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) sets national standards for protecting the privacy and security of certain health information, known as protected health information (PHI).
HIPAA is designed to protect the privacy and security of individuals’ health information and to ensure that healthcare providers and insurers can securely exchange electronic health information. Violations of HIPAA can result in significant fines and penalties for covered entities.
Who does HIPAA apply to?
HIPAA applies to covered entities, which include healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.
