Today we’ll research whether Loom provides HIPAA compliant service or not.
Loom is a video messaging tool that allows users to create and share quick video recordings of their screen, webcam, or both. It is designed to help teams communicate more effectively and efficiently, especially when working remotely or in different time zones.
Loom’s video messages can be shared with individuals or groups via email, messaging apps, or a shared link. It also integrates with other tools such as Slack, Google Drive, and Asana, making it easy to share and collaborate on videos within existing workflows.
Loom and the business associate agreement
There’s a primary item to consider when it comes to Loom and its ability to provide a HIPAA compliant service.
First, let’s start with a quick recap of terms. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy of individuals’ personal health information, otherwise known as protected health information (PHI).
As we’ve previously discussed, HIPAA applies to covered entities, which includes healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.
A business associate agreement (BAA) is a written contract between a covered entity and a business associate. It is required by law for HIPAA compliance. In the case of Loom, the service would certainly fall into the category of business associate if it’s servicing customers that would store, process, or transmit PHI on its platform.
We checked Loom’s site and found what we were looking for here:
Loom spells it out clearly:
“No. Loom currently is not able to sign Business Associate Agreements in support of customers’ compliance with the Health Insurance Portability and Accountability Act (HIPAA). Please do not send any personal health information to Loom if doing so would violate any of your obligations under HIPAA.”
Does Loom offer HIPAA compliant service?
The Business Associate Agreement (BAA) is a key component to HIPAA compliance between a covered entity and a business associate.
In regards to being considered a HIPAA compliant solution, we were able to learn the following about Loom:
- Loom clearly states it will not sign a BAA with customers.
Conclusion: Loom is not HIPAA compliant.