Today, we’ll research whether Linktree can be HIPAA compliant.
WHY IT MATTERS
Organizations that fall under HIPAA regulations face hefty fines for using cloud software that isn’t HIPAA compliant. Moreover, when it comes to link-in-bio tools like Linktree, many small healthcare practices use them to communicate with patients and schedule appointments.
THE BIG PICTURE
Linktree, according to their site, “is a tool to help you share everything you are, in one simple link – making your online content more discoverable, easier to manage, and more likely to convert.”
While initially popularized by creators, Linktree is used by therapists, chiropractors, and many other smaller covered entities. Because Linktree provides a convenient link to place in a social media profile’s bio, even large healthcare organizations sometimes use it on their social media properties.
Linktree offers scheduling, marketing, and contact tools, so HIPAA-compliant communication is an important consideration.
Linktree and the business associate agreement
There’s a primary item to consider when it comes to Linktree and its ability to provide a HIPAA compliant service.
First, let’s start with a quick recap of terms. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy of individuals’ personal health information, otherwise known as protected health information (PHI).
As previously discussed, HIPAA applies to covered entities, including healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.
A business associate agreement (BAA) is a written contract between a covered entity and a business associate. It is required by law for HIPAA compliance. In the case of Linktree, the service would certainly fall into the category of business associate if it’s servicing customers that would store, process, or transmit PHI on its platform.
We checked the Linktree site and found no mention of HIPAA compliance or willingness to sign a BAA in their website documentation.
Does Linktree offer HIPAA compliant service?
The Business Associate Agreement (BAA) is a crucial component of HIPAA compliance between a covered entity and a business associate.
With regard to being considered a HIPAA compliant solution, we were able to learn the following about Linktree:
Linktree does not state it will sign a BAA with customers.
Conclusion: Linktree may not be HIPAA compliant, but we recommend you contact them directly.
Can Linktree be HIPAA compliant?
While Linktree won’t sign a BAA, it’s possible to use HIPAA compliant add-ons with Linktree. For example, you can use a HIPAA compliant scheduling link like Cal.com, which will sign a BAA. Also, it’s possible to use link-in-bio tools to direct people to a HIPAA compliant form.
Ultimately, Linktree may not be HIPAA compliant, and it’s important to be careful about using it if you’ll be storing or transmitting PHI.