Are Google Home and Google Assistant Compliant With HIPAA?
Can medical practitioners use Google Home and Google Assistant? Is Google Assistant HIPAA compliant or would use of Google Assistant or a Google Home device at work violate Health Insurance Portability and Accountability Act Rules?
There has been an increase in the popularity of connected home assistants like Google Home in recent years. A 2018 market research study by Cognilytica revealed 51% of people use them in their care, 39% use them at home, but only 1% of people currently use them at work. Those percentages are rapidly rising.
It might be appealing to take a Google Home device with you into the workplace and use it for taking notes, getting fast answers to questions, launching applications, and scheduling reminders and phone calls. In an ordinary office setting, a Google Home device can be useful, but there are potential problems with the use of virtual assistants in healthcare.
Virtual assistants are being developed with security controls to meet the requirements of HIPAA and it is only likely to be a matter of time before they are widely adopted in the healthcare industry. They could be used by doctors to access patient records quickly or for dictating medical notes and could even help to improve patient care; however, the majority of virtual assistants currently lack the appropriate privacy and security safeguards to meet HIPAA requirements and few developers of voice assistant technology are currently willing to sign business associate agreements with HIPAA-covered entities.
Is Google Assistant Compliant With the HIPAA?
Google has BAAs with healthcare organizations to cover the use of a number of its products. However, Google’s BAA does not cover Google Home or Google Assistant at this time. Until Google says that its voice assistant is compliant with HIPAA requirements and includes it in its BAA, Google Home and Google Assistant are not HIPAA compliant and cannot be employed in healthcare in connection with any ePHI.