HIPAA compliance may not be a thrilling subject for everyone — but for our customers who need it? They really need it.

When you’re handling sensitive data like Protected Health Information (PHI), you need to ensure the tools you use adhere to the same high privacy and security standards you do.

For organizations that require HIPAA-compliant email, there’s an additional layer of complexity when it comes to evaluating tools. We know it’s not easy, so we try to make things as simple and clear as we can.

What is HIPAA?

HIPAA stands for the U.S. Health Insurance Portability and Accountability Act, which, among other rights and protections, requires the confidential handling of PHI, or Protected Health Information.

Help Scout maintains ongoing compliance with the U.S. Health Insurance Portability and Accountability Act and is able to process, maintain, and store protected health information for any entities restricted by these regulations.

A HIPAA-compliant help desk

To maintain HIPAA compliance, we conduct annual risk assessments and take exceptional care to secure and encrypt data — we enforce the same level of encryption that banks and other financial institutions do. Help Scout is hosted on Amazon Web Services (AWS), a scalable cloud-based computing platform with end-to-end security and privacy features built in.

We also require every Help Scout employee who supports our customers (and because we practice whole-company support, that’s all of us!) to complete HIPAA training each year. Of course, we never access customer accounts unless we’re explicitly asked for help.

HIPAA training video We currently use Accountable for our annual employee HIPAA training.

For organizations that require a business associate agreement (BAA), we can sign those upon request as well. After it’s signed, we turn on a set of features on your Help Scout account that removes identifying information from any notifications.

Further Reading

Not all customer support software is created equal

There aren’t too many HIPAA-compliant help desks out there, and the few that do exist often lack other features support teams need to do their work (such as reliable CSAT ratings and other reports). But integrating extra apps to bridge those gaps is another can of worms, because those third-party tools also need to be HIPAA-compliant.

That’s why Help Scout is often a good fit for entities who want to centralize their customer support in a HIPAA-complaint way — because in addition to high security and privacy standards, Help Scout offers features like notifications, tagging, and workflows (not to mention chat, coming soon!), which make sense for other customer service-related goals as well.

Download Your Free Guide

Download Your Free Guide

From your initial search to final purchase and setup, this unbiased resource will help make choosing any help desk easier.

Keeping the personal touch

Just because you’re accountable to rules and regulations doesn’t mean your email support has to be impersonal.

You can comply with HIPAA regulations and treat your customers and other stakeholders like the humans they are.

The unfortunate side effect of many help desks is that the customer experience suffers. Users encounter barriers instead of frictionless communication; every customer who starts a conversation has the fact that their “ticket” is being processed shoved in their face.

The best help desk is the one your customers don't even notice. There is something about a plain text email that is friendly and familiar. We send these emails to our friends, co-workers, and family members. We don't send them aggressively stylized, amorphous pamphlets that place design over function.

When your customers receive emails from you, the fact that it looks like any other email means that it doesn’t place a visual barrier between them and your company — you get to have a personal conversation with a human touch.

Patients deserve to have their personal information protected, but nothing about those protections precludes health care providers from treating them like humans. To that end, health care organizations and Help Scout share the same goal: helping people.

Talk to our friendly team about how Help Scout just might be the HIPAA-compliant help desk of your dreams.

Emily Triplett Lentz

Emily Triplett Lentz

Emily is the blog editor at Help Scout, the invisible help desk that helps you build a company your customers love with more human, more helpful customer support tools.

Help Scout gives you the tools to serve customers in the most human, helpful way.

Better experience for your customers, fewer headaches for your team. You'll be set up in minutes.

“We were able to utilize Help Scout with minimal technical support. All in all, we got Help Scout integrated and the team trained in a day.” — Brianne Hederlong, Community Experience Director