Today we’ll research whether Freshping provides HIPAA compliant service or not.
WHY IT MATTERS
Organizations that fall under HIPAA regulations face hefty fines for using cloud software that isn’t HIPAA compliant.
THE BIG PICTURE
Freshping is a website monitoring and uptime monitoring service provided by Freshworks. It allows website owners and administrators to monitor the status of their websites, servers, and web applications to ensure that they are running smoothly and are accessible to their customers.
Freshping also provides detailed reports on website performance, response time, uptime, and downtime, enabling users to identify and troubleshoot any issues. Additionally, it offers integrations with other tools such as Slack, PagerDuty, and Zapier, to streamline incident management and automate processes.
Freshping and the business associate agreement
There’s a primary item to consider when it comes to Freshping, its parent company Freshworks, and their ability to provide a HIPAA compliant service.
First, let’s start with a quick recap of terms. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy of individuals’ personal health information, otherwise known as protected health information (PHI).
As we’ve previously discussed, HIPAA applies to covered entities, which includes healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.
A business associate agreement (BAA) is a written contract between a covered entity and a business associate. It is required by law for HIPAA compliance. In the case of Freshping, the service would certainly fall into the category of business associate if it’s servicing customers that would store, process, or transmit PHI on its email platform.
We checked the Freshping site and found:
In a nutshell:
- Freshworks, the parent company of Freshping, does offer a BAA
- Freshping however, is not included as being in scope of the Freshworks BAA
Are we sure Freshping is HIPAA compliant?
The BAA is a key component to HIPAA compliance between a covered entity and a business associate.
While Freshworks does offer a BAA to its customers, Freshping is not included in it.
Conclusion: Freshping is not HIPAA compliant.