• Home

HIPAA Compliance

Written by Ray Orsini

Updated at October 9th, 2025

Contact Us

  • The Essentials
    FAQs Forms OIT Learning Academy
  • Announcements
    Carrier Events mFax Events Platform Events Release Notes
  • Billing Administration
    Datagate OneBill
  • Faxing
    mFax - Analog mFax - Digital Native Fax
  • Hardware & Software
    Manual Configuration Provisioning NDP Axis Cisco Fanvil Grandstream Polycom Snom Yealink Mobile Applications Desktop Applications Mobile-X SNAPbuilder TeamMate Connector UC Integrator
  • Hosted Voice
    Auto Attendants Branding Call Queues Call Routing CDRs Conferencing E-911 Features Fraud Integrations Inventory / Phone Numbers Local & Toll Free Porting Onboarding Recommendations SNAP.HD SIP Trunking SMS / MMS Users Voicemail Caller ID
  • Troubleshooting
    VoIPmonitor Firewalls PBX
  • Ray's Stuff
+ More

Table of Contents

Covered Services Non-Covered Services Required Configurations Request a Business Associates Agreement

Scope

Intended Audience: All audiences

Business Associates and Covered Entities are organizations bound by HIPAA rules. The requirements for compliance include certain configuration changes as well as a Business Associate Agreement (BAA) in place. This article will go over what is covered, what is not, and what changes need to be made for HIPAA compliance.

 

Requirements

Any Scope on the Manager Portal. A signed BAA.

 

Covered Services

Only the services specified below are covered by our BAA. These services include:

  • Inbound voice calling
  • Outbound voice calling
  • Call detail records
  • Voicemail messages
  • Call recording
  • API services
  • Voicemail notifications without attachments or transcription
  • 4G/LTE Voice Services (aka Mobile-X)
  • Microsoft Teams Connector
  • Mobile and desktop softphone

Non-Covered Services

Unless specified above, all other services are not compliant with HIPAA controls and should be disabled to remain in compliance. A partial list of non-covered items are below.

  • Voicemail transcription
  • Sentiment Analysis
  • Voicemail to Email with Attachment
  • Short Message Service (SMS) & Media Message Service (MMS)

Required Configurations

  • Voicemail to Email can be used, but must not contain any attachments
  • SMS cannot be enabled for any users on the domain
  • Native Fax cannot be used

Request a Business Associates Agreement

To request a BAA please email support and include the information for who will be signing. Our team will send a BAA for digital signature within 4 business days.

privacy regulations baa business associate business associate agreement covered entity ce hipaa

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

Knowledge Base Software powered by Helpjuice

Expand