8. April 2021
Is goToMeeting PPAA complaint? Can GoToMeeting be used by HIPAA companies and their business partners to communicate protected health information without violating HIPAA rules? Hello everyone, we ended up with all the layers of people at gotoassist/logmein makers on BAAS (Business Associate Agreement.) You do not grant BAA and refer to terms that prohibit gotoassist from being used for this purpose. I can keep talking about how logmein and gotoassist can`t be used for data covered by PHI/HITECH, not the point here. GoToMeeting is LogMeIn`s online meeting and video conferencing tool. It helps companies improve communication and collaboration with their employees, customers and other businesses. Health organizations can also benefit from GoToMeeting if it complies with HIPAA. The use of a non-HIPAA service results in a violation of patient privacy, a violation of HIPAA rules and the possible payment of a substantial fine. Hello Joe,If you refer this because of hipaa requirements, then this document should answer most questions: www.gotomeeting.com/meeting/hd-video-conferencing-resources/documents-reports/gotomeeting-an… Under the Health and Accounting Act 1996, a HIPAA Business Association Agreement (BAA) is a contract between a company covered by HIPAA and a HIPAA business partner (BA) or downstream business partner. The contract protects personal health data (PHI) in accordance with HIPAA guidelines. For covered companies or business partners wishing to place POS on the platform, there must be a BAA, but no manual configuration is required to allow for functional improvements. While technical security measures meet hipaa requirements, hipaa companies must also enter into a partnership agreement with service providers in accordance with HIPAA before using a PHI communications service. GoToMeeting proposes a counterparty agreement covering the use of the service and meeting this regulatory requirement. Is GoToMeeting HIPAA compatible? Before you see The Technical Protection Features of GoToMeeting, you should note that it is possible to use HIPAA-compliant software and tools in a non-compliant manner.
The entity or counterparty covered by HIPAA is responsible for ensuring that any software or program it uses is properly configured and used correctly. It is their duty to ensure that the PPH is only passed on to authorized persons and that the minimum standard required is in place. GoToMeeting also confirms on its website that „the technical security controls applied in the GoToMeeting service and the associated host and client software meet or exceed HIPAA technical standards.“ Can HIPAA companies and business partners use GoToMeeting? I`m sure you`re sure. Just make sure you set up the settings to meet the needs of the specific environment and user population.