Is RingCentral HIPAA Compliant? RingCentral as a Telemedicine Solution

Posted by Michael Hsu on 5/21/20 2:00 PM
Michael Hsu

Untitled Design (22)

RingCentral brands itself as an enterprise cloud communication and collaboration solution. Originally intended as a cloud-based phone system, RingCentral scaled to provide comprehensive communication solutions to businesses of all shapes and sizes. 

RingCentral Office is the company’s all-in-one solution, which includes:

  • Cloud phone
  • Team messaging
  • Online meetings
  • Online fax

Aside from that, individual features are available as separate products, and RingCentral also provides an internal messaging app — Glip — so you can choose the package that best fits your needs. 

If you’re a healthcare professional, you’re probably wondering if RingCentral offers all the necessary functionalities and whether it’s a HIPAA compliant solution. 

Is RingCentral HIPAA compliant?

As the company grew, RingCentral recognized the opportunity to market their communication solution to healthcare organizations as well. That’s why they’ve invested significant efforts to ensure the platform and the team messaging app are fully HIPAA compliant.

It’s evident that RingCentral understands the need to protect the confidentiality and integrity of protected health information (PHI) since their platform has multiple layers of built-in security. 

The safeguards RingCentral uses to ensure HIPAA compliance include:

  1. Infrastructure security
  2. Transmission security
  3. Physical security
  4. Compliance
  5. HITRUST

Infrastructure security

RingCentral includes all the required infrastructural safeguards that enable healthcare providers to leverage their services in a HIPAA compliant manner. These include:

  • Firewalls and session control borders
  • Two-way authentication
  • Intrusion detection and analytics
  • System monitoring and vulnerability scans
  • PCI DSS 3.1 compliant payment processing

Transmission security

For any type of communication — which involves sharing PHI — to be HIPAA compliant, the data must be encrypted both in transit and at rest. RingCentral ensures sensitive medical information is protected by utilizing two types of encryption:

  • Transport Layer Security (TLS) 
  • Secure Real-Time Transport Protocol (SRTP)

Physical security

The RingCentral platform is based on SSAE 18 and ISO 27001-audited data centers, and the company follows the latest security standards. The data is also protected in the physical environment, thanks to on-site engineering specialists and full-time security guards.

Compliance

RingCentral doesn’t just boast their HIPAA compliance capabilities without anything to back up their claims. They undergo a third-party SOC2+ audit annually to ensure all the HIPAA rules have been met and that the necessary safeguards have been properly implemented. You can even get in touch with the company and request a copy of the latest report. 

Problems with RingCentral

RingCentral is fully HIPAA compliant, so you won’t get into any trouble for violating the HIPAA rules and regulations if you opt for this solution. That said, just because RingCentral is HIPAA compliant, it doesn’t mean it’s the best solution for your practice. 

If you’re considering switching to telemedicine or adding virtual appointments to your portfolio of services, you may encounter quite a few problems and hurdles with RingCentral. The most prevalent issues with this platform are:

  1. You can only host one meeting at a time
  2. RingCentral Meetings is powered by Zoom
  3. Your customers will have to download the app to join the call
  4. Some features are hidden behind a paywall
  5. The platform doesn’t offer EHR integration
  6. RingCentral doesn’t offer review management
  7. Poor customer reviews

You can only host one meeting at a time

Although at a glance, RingCentral may appear like a solid option for healthcare providers, if we look a bit deeper, we’ll find that the RingCentral Office platform is actually quite limiting. 

One of the biggest limitations is that you can only host one meeting at a time. This isn’t something that RingCentral tells you ahead of time. Their clients had to learn this the hard way when they attempted to host two meetings at a time, only to find out that starting the second one ends the first meeting.

Why is this such a big issue for healthcare organizations? When you think about it, this means only one person can talk to one patient at a time. This means that, even if you have multiple doctors available, only one of them can attend a video call with a patient, while everyone else is either idling or has to wait for their turn. 

On top of that, this significantly increases the time doctors spend with patients. They’d have to first gather all the relevant information, get them to fill the intake form, treat the patient, then send them the visit summary and other documentation before moving on to the next patient. This way, even if all your doctors are available to admit patients online, you’ll be limited to treating ten patients a day at most. 

RingCentral includes a waiting room, but it gives off the impression that it’s an improvised feature added after multiple client requests rather than a well-thought-out functionality. Sure, your patients can wait for the doctor in the virtual waiting room, but given that only one meeting can take place at any given time, a patient who’s third in the queue will have to wait several hours for their turn. It’s obvious this isn’t something your patients will find appealing.

With Curogram, not only can you host multiple video calls simultaneously—you can also create as many separate virtual clinics for different medical conditions as you want. The MAs can tend to patients in the waiting rooms and prepare them for the visit so that the doctors can focus on treating them rather than on administrative tasks. 

Every available doctor can see all the patients in the waiting room, as well as how long they’ve been in the queue, and initiate a video call as soon as the patient is ready. 

RingCentral Meetings is powered by Zoom

Another thing to be aware of is that RingCentral doesn’t provide its own virtual meeting platform. They are powered by Zoom, which begs the question we’ve answered in detail in another article — is Zoom HIPAA compliant

What we want to highlight here are the various security exploits and issues Zoom encountered recently. Users have uncovered that cyber criminals could hack Zoom to spy on private conversations, which resulted in the vast majority of companies utilizing this solution to switch over to more secure options.

Zoom’s privacy risks and dubious security practices enabled users to join private, password-protected meetings and pull all kinds of pranks — ranging from sharing hate-filled messages and pornographic materials to joining as AI-powered deepfake of Elon Musk and interrupting ongoing meetings. 

This immediately raised alarms and sprung the question of how secure the information shared via Zoom actually is. For healthcare professionals dealing with PHI, this spelled a huge NO. 

Zoom is working on updating its security measures and rectifying the damage done, but it’s doubtful companies will be able to trust Zoom in the future. The fact remains that they claimed they were HIPAA compliant and had the latest security safeguards in place, prior to these incidents.

With that in mind, we strongly recommend avoiding RingCentral meetings. Despite the company’s best efforts to make their platform 100% secure, it would appear that their business associates aren’t on par. 

Curogram offers you a much better alternative — a HIPAA compliant platform that is based on secure servers and includes video call capabilities, and protected with multiple layers, using the latest security standards. 

Your customers have to download the app to join the call

Although RingCentral might be a good option for internal messaging — excluding the Meetings feature for the reasons stated above — if you intend to host virtual appointments, you must also consider the patients’ perspective. 

Given the fact that your patients would have to download the RingCentral App prior to joining the call, RingCentral isn’t the most convenient solution. With Curogram, you can simply send your patient an SMS with the link they can click to join the video call — it doesn’t get any easier than this! 

The issue with RingCentral goes way deeper than simply requiring the patients to download the app first. Multiple users reported that their clients had issues joining the calls, or that they would drop in the middle of a meeting. 

Imagine how your patients would react. They wouldn’t think that the third-party service you’re using is bad. They’d be frustrated with your organization, as you’re the one who chose to use this service. Opting for an unstable video solution would definitely poorly reflect on your practice’s reputation, and you would risk losing patients to other providers who offer better remote services. 

Some features are hidden behind a paywall

At Curogram, we believe transparency is the key to lasting business relationships. 

That’s why, when you opt for our telemedicine and two-way messaging platform, you know exactly what you’re getting, and you have access to every feature from the get-go. We also offer a free trial, so you can see exactly how Curogram works in practice and have the opportunity to fully test out the functionality of our platform before making a commitment.

From what we have seen on RingCentral website and what we’ve read from their user reviews, they don’t seem to have the same policy. Some of the features necessary for healthcare professionals are hidden behind an additional paywall.

For instance, unlimited storage is only available with the RingCentral “Ultimate” package. One of the HIPAA requirements states that you must have a backup of all the data you share, which you can access in case of an emergency. While Curogram offers this by default as a built-in feature, RingCentral practically forces healthcare professionals to opt for the most expensive package as the only solution that includes unlimited cloud storage. 

RingCentral pricing plan also reveals that different pricing plans provide a varying number of toll-free minutes. 

RingCentral Pricing Plan — Toll-free minutes

Essentials

Standard

Premium

Ultimate

100

1,000

2,500

10,000

What this means is that you can make a limited number of free phone calls — regardless of if your staff members are talking among themselves, with other providers, or patients. After you’ve used up the toll-free minutes, you’ll have to pay 3.9¢ per minute. 

Even if the difference in price at the end of the month is a couple of dollars, we still cannot justify additional expenses when paying monthly subscriptions for a solution, and neither should you.

RingCentral platform doesn’t offer EHR integration

There’s a reason why RingCentral doesn’t mention EHR integration and doesn’t respond to customer inquiries regarding this capability — their platform doesn’t integrate with any EHRs.

Screenshot taken from RingCentral website:

rc

EHR integration should be one of the main features of a telemedicine solution. If you shared PHI via a platform that doesn’t offer this capability, you would have to manually enter all the information into your EHR. In other words, you would be wasting valuable time on tedious administrative tasks, rather than spending that time treating patients. 

That’s why Curogram integrates with over 700 EHRs — to eliminate the need for double entry and help you optimize the business operations of your practice. 

Curogram EHR integrations

eClinicalWorks

Athena

Epic

Cerner

DrChrono

NextGen

Practice Fusion

CareCloud

Kareo

OfficeAlly

See More Integrations Here

RingCentral doesn’t offer reputation management

Telemedicine is quickly advancing, with more than half of the U.S. hospitals having a telehealth program. The need for remote healthcare services became all the more apparent during the COVID-19 outbreak. 

With the number of healthcare providers embracing telemedicine rapidly increasing, you can’t afford to lag behind. Patients are quickly becoming aware of the possibility to attend doctor’s appointments online, and it’s safe to say a good number of them will rely on this functionality even after the COVID-19 pandemic. 

This gives your practice an opportunity to attract new patients by offering them advanced remote services. Before patients opt for your practice over one of your competitors, most of them will read a couple of online reviews first. 

That’s why we believe reputation management is an essential feature of a comprehensive telemedicine solution. Curogram enables you to send review requests to people who are most satisfied with your services, allowing you to boost your online visibility and attract new patients. After an online visit, a patient can give you a score on a scale from one to ten. 

Whenever a patient gives you a high score, you can prompt them to leave a positive review. They receive a direct link and can give you a five-star rating with a single click, making it easy to generate hundreds of superb reviews. 

RingCentral doesn’t include this option, so you would have to figure out another way to promote your practice online and invest in a marketing solution to introduce your telemedicine services to potential patients. 

RingCentral has dozens of poor customer reviews

Speaking of reviews, RingCentral itself has dozens of poor customer reviews from unsatisfied customers. 

The most common complaint is the lack of customer support, where users are left to their own devices when they encounter a problem. The stability of the platform seems to be another issue users often face, with phone lines going offline multiple times a day.

Some users also report that they were bound by 24-month contracts after automatic renewal and that the company kept charging them even after they were physically unable to use their services (e.g., the organization’s headquarters blew up, destroying all the phones they used). 

There were also several instances where RingCentral overcharged the clients or charged their cards twice. The users shared they had to email and call RingCentral customer support repeatedly, often for several days, to try and get the issue sorted.

Taking everything into consideration, it’s evident RingCentral isn’t a reliable platform for healthcare professionals. Although they may be fully HIPAA compliant, their business ethic is questionable, and the functionality of their platform is heavily limited.

Ensure a successful start to telemedicine with Curogram

Curogram is a much better alternative to RingCentral for the variety of reasons we’ve mentioned in this article.

Our platform is designed specifically for healthcare professionals and offers everything you need, all in one place:

  1. A two-way messaging platform — quickly and easily communicate with patients, send automated, fully customizable appointment reminders with our HIPAA compliant texting solution, and share PHI in a secure environment
  2. Internal staff messaging solution — share PHI among staff members or with your partners and quickly create different channels to discuss work-related topics
  3. EHR integration — eliminate redundant administrative tasks and spend valuable time treating patients rather than manually entering data into your EHR
  4. Virtual appointments — Treat patients remotely in an environment that mimics in-person workflows. Create multiple virtual clinics and have the medical staffs and MAs prepare patients in the waiting rooms, allowing each doctor to admit up to 40 patients daily

If you’re looking for a 100% secure, fully HIPAA compliant solution that will allow you to transition to telemedicine or implement remote services in your practice — Curogram is the perfect option!

Partner with us today and ensure a successful telemedicine start with Curogram.

Wondering if other solutions are HIPAA compliant?

Are they HIPAA compliant?

Is Zoom HIPAA Compliant?

Is Skype HIPAA Compliant?

Is WhatsApp HIPAA Compliant?

Is Google Hangouts HIPAA Compliant?

Is FaceTime HIPAA Compliant?

Is GoToMeeting HIPAA Compliant?

Is Google Voice HIPAA Compliant?

Is HelloFax HIPAA Compliant?

Is eFax HIPAA Compliant?

Is Facebook Messenger HIPAA Compliant?

Is Email HIPAA Compliant?

Is Texting HIPAA Compliant?

Is Slack HIPAA Compliant?

 

Topics: HIPAA, RingCentral

Patient 2-Way Texting

Curogram provides “All-In-One” texting and HIPAA compliant messaging platform for independent practices, physician groups, and clinically integrated networks.

Subscribe Here!

Recent Posts