Info iconLetter I in a circle

By continuing to use this site you consent to the use of cookies in accordance with our cookie policy

Intercom HIPAA

Health matters: Store and process healthcare data in a HIPAA-compliant manner using Intercom

Main illustration: Jason Yim

The onset of COVID-19 has accelerated a digital transformation in the healthcare industry, resulting in changes to how patients receive care and how medical records are stored and processed.

From healthcare providers to insurers and others, the pandemic is rapidly driving organizational change and prompting businesses to consider future needs by adopting new technologies to replace or assist with historically manual workflows without compromising on care or privacy.

At Intercom, the security and protection of our customers’ data is of the utmost importance.

As the industry has moved towards online channels for healthcare, Intercom is dedicated to ensuring that these businesses can continue to support their patients and customers during this time, in a way that safeguards their protected health information (PHI) and electronic protected health information (ePHI), consistently with standards set by government bodies.

That is why we are proud to announce that Intercom has successfully completed a HIPAA attestation examination, which means that we now help our customers fulfil their obligations as we store and process data relating to health in a manner consistent with HIPAA standards.

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a US statute that was introduced in 1996 to implement industry-wide standards for the safeguarding of PHI and ePHI.

“Customers need to be able to trust that their private health information is being protected and their digital privacy respected”

In order to achieve success and sustainability in the future, many organizations in the healthcare industry are turning to technology and digitization. This is allowing for improved patient experience, increased workflow efficiency, and effective data management. However, information security remains a top priority, which is where HIPAA becomes important.

Customers need to be able to trust that their private health information is being protected and their digital privacy respected, and HIPAA is one of the standards they rely on for guidance and consistency.

What does this mean for your business?

We can now enter into Business Associate Agreements with businesses in the healthcare industry and help you to better support your customers and patients while protecting their ePHI data. If your business handles health-related data, there’s never been a better time to start using Intercom’s conversational relationship platform. With Intercom:

  • Healthcare organizations see a 90% median CSAT score.
  • Bots and automation resolve 36% of common healthcare questions automatically.
  • More than 500k healthcare conversations are powered daily.

This HIPAA attestation examination was performed by an independent Certified Public Account firm, who reviewed our HIPAA policies, procedures and controls and assessed them for conformance against the HIPAA Security and HITECH breach notification rule requirements.

The HIPAA attestation report covers both the HIPAA Security Rule and HITECH Breach Notification rule, and a Business Associate Agreement (BAA) which can be made available for execution with applicable customers.

So if you’re an Intercom customer and would like to implement a BAA or see the HIPAA attestation report, reach out to our Sales team or your account manager today.

Ongoing commitment

Over the past year, Intercom has continued to pursue only the highest standards of industry-recognized accreditation.

Our HIPAA attestation report is one of two new additions to Intercom’s security program. We have also recently achieved ISO:27001 certification, adding to our existing security program, which includes SOC 2 Type 2 compliance along with ongoing information security improvements. Finally, Intercom remains compliant with applicable data protection frameworks such as the General Data Protection Regulation (GDPR) and California Consumer Protection Act (CCPA).

This is just the beginning – years from now, when we look back on how millions of healthcare professionals around the world rose to the occasion to combat COVID-19 with unwavering commitment and the industry’s pioneering use of the latest technology, we will undoubtedly see this time as a turning point for digital transformation in healthcare.

As such, Intercom is committed to performing this HIPAA attestation examination annually, to ensure ongoing compliance and to continue to demonstrate the importance we place on protecting our customers’ protected health information.