Over the last decade, many industries have seen a shift in how people want to interact with businesses and service providers, and health care is no different.
Whether it’s a desire to have more flexibility in an already busy schedule, to receive faster care, or due to health concerns that make in-person visits more challenging, patients are all in on telemedicine. In fact, 62% of patients prefer to consult with doctors remotely when possible, signaling that medicine’s move to digital platforms is more than just a pandemic trend.
One thing to keep in mind when adding digital services to your practice’s offerings is that any communication method you roll out needs to be compliant with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The law requires covered entities like health care providers and health insurance companies to take measures that help prevent the disclosure of protected health information (PHI) without patient knowledge and consent.
Though adhering to all of the law’s requirements might seem overwhelming, many tools are available to help ensure that your patient data is kept safe as you grow your communication offerings.
The 8 best HIPAA-compliant messaging apps
If you think it may be time for your healthcare organization to add live chat or SMS as communications channels, here are eight HIPAA-compliant software platforms to consider.
1. Help Scout - Best for growing healthcare organizations
Help Scout is a software platform that helps healthcare professionals have better conversations with their patients and communities. The majority of the platform’s offerings can be configured to be HIPAA-compliant, including patient-preferred communication channels like live chat.
Connect with patients in real time using live chatÂ
Touch base with patients on their schedule using Beacon, Help Scout’s live chat widget. Place a Beacon on any web page or within your mobile app to allow patients to contact your team for real-time assistance.
Providers and administrative staff can view and reply to chat messages from Help Scout’s user-friendly interface. Create saved replies to respond to common questions with just a couple of clicks, assign conversations to specific team members to ensure patients receive the best care, leave colleagues private notes to aid in collaboration, view patient information in the chat sidebar to provide contextual responses, and easily transition complex chats over to email when more time is needed to reach a resolution.
A shared inbox for collaborative communications management
Email and chat conversations live within Help Scout’s shared inbox. Having all of your patient communications in one place helps create transparency within your team and prevents patient contacts from slipping through the cracks. When managed according to HIPAA requirements, Help Scout’s shared inbox is also considered to be HIPAA compliant.
In addition to the conversation management features mentioned above, you can also tag messages and create conversation views to keep track of similar issues, create workflows to automate repetitive tasks, use snooze and send later features to respond to emails on your schedule, utilize internal notes to collaborate with colleagues, and use Help Scout’s collision detection to help prevent duplicate or conflicting information from ever reaching your patients.
Finally, monitor your efforts with Help Scout’s reporting dashboards. Reports let you keep track of chat and email volume, response time, team performance, emerging issues, and more.
Live chat is only the beginning
Beyond live chat and email communication, Help Scout has additional functionality that can help you increase engagement with your patients and community:
Messages: Keep patients up to date using Messages, a mostly code-free way to provide proactive support and share important news or announcements about your practice.Â
Microsurveys: Collect feedback from patients using microsurveys — short, targeted, HIPAA-compliant surveys that help you gather actionable feedback in the moment.
Docs: Publish answers to frequently asked questions in a knowledge base to help patients find information on their own.
Integrations: Help Scout integrates with over 90 popular platforms and offers an open API to create a solution that suits your business’s needs.
Superior support: Help Scout’s customer service team provides 24/6 coverage, ensuring that you always have the tools needed to provide superior patient care.
A note about HIPAA compliance in Help Scout:
While most of Help Scout’s features can be configured to be HIPAA compliant, integrations between Help Scout and other platforms may not meet HIPAA standards. In addition, Help Scout’s AI features and knowledge base solution, Docs, are not considered to be compliant.
Keeping PHI safe with Help Scout
Help Scout maintains ongoing compliance with HIPAA and can process, maintain, and store protected health information.
Some of the ways Help Scout maintains HIPAA compliance include:
Business associate agreements (BAA): Help Scout will sign a BAA with your organization.
Data storage location: Our data is stored within the U.S. by Amazon Web Services and is protected under a signed BAA.
Uptime and data availability: We strive for a 99.99% uptime across all of our products.
Data security: All Help Scout web application communications are encrypted over 256-bit SSL (secure sockets layer).
Data destruction: Through a thread options menu, you can edit, delete, or hide thread contents. This prevents that information from being sent out again or from being quoted in a future reply. This is helpful if there are multiple parties involved in one conversation.
User authentication: Help Scout supports two-factor authentication (2FA) access for Help Scout credentials or SSO through Google Apps. Certain plans have options for enabling authentication via any SAML-compatible Identity Provider.
IP restrictions: Limiting access to your Help Scout account to a predefined list of IP addresses is available with some plans.
Employee training: All Help Scout employees undergo annual HIPAA training.Â
Audits Help Scout completes regular audits and annual risk assessments to ensure continued HIPAA compliance.
For more information on HIPAA compliance and security at Help Scout, visit:
Secure patient communication at a competitive priceÂ
Though all of the options on this list will provide you with HIPAA-compliant messaging, Help Scout’s combo of request management, proactive communication tools, and dedicated support resources make it an excellent choice for growing health care organizations.
To learn how Help Scout can help your practice or health care organization have better conversations with your patients, schedule a demo with our team today.
Price: Free trial available. Plans including HIPAA compliance start at $65/user per month.
Get started for free:
2. TigerConnect - Best for patient engagement
TigerConnect is a company that provides communication and scheduling solutions to medical facilities of all sizes. Its four main product offerings focus on alarm and notification management, physician scheduling, patient engagement, and clinical collaboration, all of which seamlessly integrate with each other as well as with external software like EHR systems.Â
The two TigerConnect products that support secure messaging are the patient engagement software and the clinical collaboration platform. The patient engagement platform makes it easy to communicate with your patients before, during, and after their visits without the need for an additional account, app, or password. Patients receive an SMS message with a link to a secure messaging environment when health care providers need to communicate sensitive information.
The clinical collaboration platform allows for internal text-based messaging among different teams and departments. It also integrates with the patient engagement software to allow providers to communicate securely with patients without the need for a separate app.
The TigerConnect platform is HITRUST CSF certified and HIPAA compliant, making it a great option for both internal and patient-facing text communication.
Price: Contact for pricing.
3. Rocket.Chat - Best chat app for team collaboration
Rocket.Chat is a collaboration platform that has a focus on security and compliance. The service is configurable for communication across multiple channels — including live chat — while maintaining compliance with policies such as HIPAA and GDPR.
There are a couple of different ways to provide live chat services to your patients with Rocket.Chat, each requiring a different amount of development lift. The low lift option is a chat widget similar to Help Scout’s Beacon, which can be customized to fit brand aesthetics and easily added to your website by pasting a code snippet into your site’s source code. If your team has more developer resources, you can create a more tailored patient experience by embedding the platform’s chat engine into your existing web and mobile applications.
Once chat is live for patients, your team can manage incoming messages through a shared workspace, which includes useful features like canned responses, private notes, and the ability to share files and images. When it comes to internal communications, Rocket.Chat steps up their game, offering an almost Slack-like experience — direct messaging, channels for group discussions, conversation threads, reactions, and even the ability to loop in vendors who use other platforms.
Potential customers may be drawn to Rocket.Chat for its free plan, which does include some safety features like 2FA and end-to-end encryption.Â
However, health care organizations will likely need to opt for the Enterprise plan to get the features necessary to meet HIPAA compliance requirements and to get the most out of the platform.
Price: Free trial available. Contact for Enterprise plan pricing.
4. Klara - Best for patient reminders
Klara is a patient communications platform that helps medical practices communicate with patients via voice, web chat, or text messaging without the need for a separate patient portal or mobile app.
Providers can send patients messages via standard text message for communications not containing PHI. For encrypted contacts, patients will receive a link that directs them to the Klara platform. Providers can also enable call-to-text functionality to prompt patients to turn their calls into text messages when it makes sense to do so, reducing hold times and increasing patient satisfaction.
Finally, Klara provides a good back-end experience for practice employees. They offer shared inboxes that put valuable patient information front and center, including voicemail transcripts and data pulled from your EHR, giving the team the context they need to provide the best care.
Price: Contact for pricing.
5. OhMD - Best for organizations interested in automation
OhMD is a health care messaging platform that allows patients, health care providers, and staff to stay in touch using channels and features that include live chat, text messaging, video visits, phone calls, forms, and surveys. The platform’s implementation can be made HIPAA compliant and is suitable for both small practice and hospital settings.
Health care organizations can use the OhMD software to add a live chat widget to their website to provide current and potential patients with an easy access point for communication with the practice. Providers or administrative staff can respond to chats from a shared inbox using features like saved replies, tags, internal notes, and conversation assignments. Once a conversation is complete, your team can send the data to your electronic health record (EHR) system with a single click — OhMD integrates with over 85 EHRs.
Outside of live chat communication, OhMD has a lot of handy features. There is internal chat functionality that allows your team to collaborate more efficiently as well as additional patient communication features that utilize SMS messaging. Through text messaging, your practice can ask patients to fill out forms or surveys. You can even use the platform’s Autopilot feature to take over common workflows like appointment scheduling and prescription refills, freeing up your team to handle more complex conversations.
Price: Free trial and plan available. Plans including live website chat start at $200 per month.
6. Twilio - Best for teams with development resources
Twilio is a technology platform that helps companies create customer communication experiences across live chat, SMS, messaging, voice, and video conferencing channels. Many of the platform’s products — including its live chat API — can be configured to be HIPAA compliant.
Most of Twilio’s products focus on access to the platform’s APIs to build new experiences. This can be both a blessing and a curse. On one hand, it provides tremendous freedom to create a patient or customer experience that is highly customized and personal. On the other hand, this type of project may feel overwhelming for smaller groups without technical resources.
If the idea of meddling with APIs makes you nervous, the platform does have one product, Twilio Flex, which is a bit more accessible. Flex lets you set up a contact center using pre-built themes, components, and plugins. You can add channels like live chat, messaging, or SMS and connect the platform to other software in your tech stack, like your EHR, billing software, and scheduling system, to bring all of your communications together, enabling you to provide better care.Â
Flex accounts also have several hosting options (local, in your own cloud environment, or in Twilio’s existing cloud platform), allowing you more control over your data. While Flex is a great option, those unfamiliar with contact center software may still need some developer help with implementation.
Price: Free trial available. Plan pricing is product dependent. Visit Twilio’s site for more pricing information.
7. Spok - Best texting platform for use across any device
Spok’s Care Connect platform is designed to help streamline clinical communications and workflows. It has solutions for everything from on-call scheduling to secure messaging to call center software.
The platform’s secure messaging solution allows clinical teams to communicate using text, images, and videos, all while remaining HIPAA and PIPEDA compliant. You can also specify which team members are permitted to access PHI, ensuring that each person only has the access they truly need to provide good care.
One of the more interesting aspects of Spok’s secure messaging is its ability to support HIPAA-compliant texting across personal devices. Having a bring-your-own-device (BYOD) policy that includes an option for secure texting helps give your team the flexibility they need to provide your patients with the best care, regardless of which device they are carrying — smartphone, tablet, or pager.Â
Price: Contact for pricing.
8. Trillian - Best for internal communications
Those who have been around since the early days of instant messaging likely remember Trillian as the third-party app that allowed you to manage all of your messaging accounts — AIM, ICQ, MSN Messenger, etc. — from a single client. In more recent years, Trillian has focused on its own messaging platform, offering packages for both individual and business use.
One of the business solutions offered by Trillian is HIPAA-compliant messaging for clinical settings. It lets doctors, nurses, receptionists, medical billing teams, and call centers communicate quickly and securely through direct and group messaging. The service allows for messaging via text, audio, and video, and it provides options for screen and file sharing.
While this tool moves away from web chat and patient app recommendations, it’s still a worthwhile platform for medical offices to consider. Adding a real-time messaging solution to your internal team’s tech stack can help improve team collaboration, which can lead to better patient health outcomes.Â
For those who think Trillian sounds interesting but still require an included patient solution, the platform has announced that it will bring secure SMS functionality to its health care offerings soon. This will allow you to securely share sensitive information with patients without needing an additional patient portal or application.
Price: Free trial available. Plans including HIPAA compliance start at $7.99/user per month (five-user minimum).
Choosing the best HIPAA-compliant messaging solution for you
Live chat and text messaging are communication channels that can provide many benefits to providers and patients alike. But if you're a healthcare professional, HIPAA regulations need to be observed to keep patient information secure.
If you’re ready to take on the challenge, consider booking a demo to learn how Help Scout can help you meet the evolving needs of your patients, staff, and community.