From time to time, customers will ask about Skype Messenger and whether or not they can use Skype Messenger and be HIPAA compliant.
The purpose of this post is to determine if the use of Skype Messenger is HIPAA compliant or not.
What is Skype Messenger?
Most are familiar with Skype as a popular video chat and voice chat platform.
First released in 2003, Skype was bought by Microsoft in May 2011 for 8.5 billion dollars. In addition to video calls and voice calls, Skype has an instant messenger app that allows users to to message anyone in the world in real time.
Skype Messenger and the Business Associate Agreement
Although there’s no official certification for software to be considered HIPAA compliant, there are a set of regulations that are needed to be followed. One of the most basic is the requirement for a Business Associate Agreement.
A Business Associate Agreement (BAA) is a written contract between a Covered Entity and a Business Associate.
Since Microsoft now owns Skype we checked both of their websites for indicators of Skype Messenger’s HIPAA compliance.
After looking through their data policy, terms of service and other legal info, we couldn’t find any mention of HIPAA or the BAA in any of those key resources.
Does Skype Messenger Offer HIPAA Compliant Service?
The Business Associate Agreement is a key component of HIPAA compliance between a Covered Entity and a Business Associate.
We were unable to find a single mention of HIPAA compliance or of the existence of a Business Associate Agreement on either Microsoft or Skype Messenger’s sites, and have to conclude that Skype Messenger is not HIPAA compliant.