Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

Is SmartBot360 HIPAA compliant?

Hannah Trum December 15, 2020

Email cybersecurity
Is SmartBot360 HIPAA compliant?
Is-SmartBot360-HIPAA-Compliant-Paubox A live chat solution can help healthcare providers engage with patients in a quick, direct manner. However, it is important for covered entities to choose a HIPAA compliant option. Today we’ll explore SmartBot360 for HIPAA compliance.

About SmartBox360

SmartBot360 is a chatbot service that offers customizable workflows and “healthcare templates” for “small offices or enterprise healthcare websites.” The solution integrates with various programs, including Google products , HubSpot , Salesforce , and Facebook Messenger .

 

SmartBot360 and business associate agreements

To remain HIPAA compliant, a covered entity and a business associate must sign a business associate agreement (BAA).  Despite boasting itself as HIPAA compliant, SmartBot360’s website makes no mention of BAAs. We reached out to the company to inquire about a BAA but did not receive an answer.  The company’s website states, “HIPAA privacy and security has been built into the platform from day one and not as an afterthought. We have developed proprietary techniques to balance security with frictionless patient experience.” However, SmartBot360 shares no extra information about what these privacy and security measures are. Additionally, the company states that it will not share individual information with any third party outside the chatbot owner. It also does not sell user data.
Free Whitepaper "Top Five Barriers to Secure Email Communication and How to Overcome Them"
Download now

 

SmartBot360 and protected health information

Keeping protected health information (PHI) safe is an integral part of HIPAA compliance. PHI is considered any information that can identify a patient and is used during patient care.  While SmartBot360’s website makes no mention specifically of PHI, its Privacy Policy does state, “Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way.” 

 

Conclusion

A crucial part of maintaining HIPAA compliance is an executed BAA. We found no information on SmartBot360’s willingness to sign a BAA.  We reached out to SmartBot360’s customer support team to inquire about BAAs but did not receive a reply.  However, the company boasts its HIPAA compliance and healthcare clients on its website.  Therefore, it is inconclusive if SmartBot360 is HIPAA compliant.

 

Worry-free communication with HIPAA compliant email

It is possible to use SmartBot360 regardless of its HIPAA compliance status, but covered entities must make sure not to send or receive PHI via this solution unless there is an executed BAA.  Another direct communication line healthcare providers should consider is a HIPAA compliant email solution, like Paubox Email Suite With our product, outbound emails encrypt by default. You send from your existing email platform (such as Microsoft 365 and Google Workspace ). Paubox Email Suite requires no change in your email behavior. Leave the patient portals and logins behind .
 
Try Paubox Email Suite for FREE today.
Start for free

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.