Is Google Meet HIPAA Compliant? The Truth About Google Meet and HIPAA Compliance

As our world becomes increasingly digitized, we have to ask ourselves just how secure a platform is for transmitting and storing sensitive patient data. 

One of the most widely used video conferencing platforms in today’s market is Google Meet. 

This leaves clinics, physicians, and healthcare organizations asking: is Google Meet HIPPA compliant with the Health Insurance Portability and Accountability Act (HIPAA) standards?

In this post, we’ll explore where Google Meet’s technology is in terms of addressing HIPPA compliance, and the additional security measures clinics may want to take in order to use this platform securely.

What is Google Meet?

Formerly known as G Suite, Google Workspace is a cloud-based collection of Google services, apps, and products intended for professional and business use. 

• In 2020, Google Meet added nearly 3 million users daily (1)

• More recent reports have touted Google meet has nearly 100 million daily users (2)

Google Meet is essentially the business version of Google Hangouts, Google’s video conferencing service that comes with a non-business Gmail account.

How do clinics and healthcare organizations benefit from using Google Meet: 

• Google provides ubiquitously used software tools, making it easy for patients and care practitioners to use for communication. 

• Google is partnering with other electronic healthcare organizations to improve their services (3)

Google Meet also offers the following security features (4):

• Invitation-only meetings

• Limited entry time

• Only meeting hosts can allow users without an invitation to a call

• 2-factor authentication (2FA)

• In-transit encryption

• Recorded Meet videos are encrypted and stored in Google Drive (only when recording is initiated by a user in the meeting)

• No user attention-tracking software

Is Google Meet HIPAA Compliant for Telehealth Services?

Many VOIP and videoconferencing services used by healthcare providers and organizations claim to follow HIPAA requirements, with some creating specialized HIPAA-compliant plans for healthcare professionals.

For example, healthcare organizations must sign an agreement known as a business associate agreement, or BAA, with Google to use a version of Google Meet in compliance with HIPAA.

Does this mean Google Meet is HIPAA compliant?

Having a Business Associate Agreement Does Not Make Google Meet HIPAA Compliant

Even with Google Meet’s existing security measures and a HIPAA BAA in place, Google Meet communications are not necessarily HIPAA compliant. Google Meet (and many other popular video conferencing platforms) is vulnerable to security breaches.

How Do I Make Google Meet HIPAA Compliant?

So does your clinic, practice, or organization need to migrate communication from Google Meet to a fully HIPAA compliant video conferencing platform?

Fortunately, no. 

Our team at Zerify identified a growing need for video conferencing security in healthcare. We also realize that it’s incredibly difficult to shift communication from a platform your patients and staff are already comfortable using, to a completely new piece of software. 

This process can be costly in terms of time and finances as you: 

• Research and compare HIPAA compliant video conferencing solutions

• Invest in and sign a contract on a new service or piece of software

• Train your staff and patients on how to use it

• Fully integrate a new piece of communication software across every level of your organization

Which is why we created Zerify Defender–– our desktop video conferencing security agent that can make Google Meet (and virtually any other video conferencing software) fully HIPPA-compliant. 

Comply with HIPAA Regulations Using Zerify Defender

With Zerify Defender, healthcare providers and organizations do not need to change their default video conferencing service to ensure it meets privacy standards under HIPAA.

Zerify Defender works as an add-on for Google Meet and other video conferencing platforms, securing vulnerabilities through the following features:

Video and Audio Lockdown

Zerify Defender secures access to your device’s camera, microphone, and speakers. Without the ability to see or hear a video conference call, hackers are less likely to steal any PHI or valuable data.

Anti-Screen Capture

Along with locking down audio and video, Zerify Defender also prevents spyware from taking screenshots of your conference call to maximize the protect of your clinic’s and patents’ private information.

Clipboard and Keystroke Protection

Zerify Defender is a proactive security solution that prevents cyber attacks before they happen. But even if your device has already been infected with malware, Defender can still protect key data. It prevents malware from stealing information on your clipboard as well as sensitive information typed on your keyboard.

Contact Zerify to Learn More about Google Meet HIPAA Compliance

To start using Google Meet in compliance with HIPAA, contact Zerify today to learn more about our suite of secure video conferencing solutions.