Using Zoom? You May Not Be HIPAA Compliant

By Barbara Griswold, LMFT (June 5, 2021)

As some of you already know, if you use Zoom, it is NOT considered HIPAA compatible if you are using the free version. You must be using a paid version (e.g. Zoom Pro, Zoom Business).

To be HIPAA compliant, a telehealth platform (or other vendor) must provide you with a Business Associate Agreement, or a BAA. This is a document that specifies each party’s responsibilities when it comes to handling your clients’ Protected Health Information (PHI). HIPAA requires Covered Entities to only work with Business Associates who assure complete protection of PHI.

But many of us found getting a BAA from Zoom to be difficult, involving many unsuccessful attempts to get one from Support or Sales Departments.

However, good news! This problem seems to now have been fixed. Your BAA can now be automatically created with a few quick steps once you pay for your subscription (or if you already have one).

To get your BAA, be sure you have a paid subscription to Zoom Meetings.

• Go to https://zoom.us. If you have a paid subscription already, click on “Sign In” on the top right.  (To buy a paid subscription, go to https://zoom.us/pricing and buy a Zoom Pro plan, less than $15 a month as I write this)
• On the left side of the page, under “Admin,” click on “Account Management,” and several options will appear below that. Select “Billing.” (if you don’t see all these options, you may need to click on “My Account” in the upper right hand corner first).
• Your Current Plans will be listed, including your Zoom Meeting Account. Below that you will see “Interested in Other Available Plans?”
• Find “HIPAA Enabled Compliance (US Only),” and select “Add to Cart.” There is no charge.

You will now see “HIPAA Enabled Compliance (US Only)” listed under your Current Plans. Under this, click on “View Business Associate Agreement.”