For HIPAA compliance, Zendesk Guide and Gather services must be configured to prevent the inclusion of PHI in public articles or comments.
Subscribers should ensure that no PHI is included in articles or attachments. It's recommended to disable end-user comments or moderate them to remove any PHI. If using the Guide Professional or Enterprise services, disable end-user post creation or enable content moderation to prevent PHI from being published. Community moderators should not be non-employees, and public profiles should be managed to avoid risks associated with @mentions.
To ensure compliance with HIPAA, Zendesk requires specific security configurations for HIPAA-enabled accounts. These include secure agent authentication, SSL encryption, IP address restrictions, and API security measures. For agent authentication,…
When using Zendesk messaging with HIPAA accounts, certain security measures must be implemented to protect ePHI. Subscribers should avoid enabling social media messaging integrations unless they ensure no ePHI is present or have a BAA with the…
For HIPAA compliance, Zendesk Sunshine Conversations should be configured to manage ePHI securely and restrict third-party integrations. Subscribers should avoid enabling third-party channel integrations unless they ensure no ePHI is present or…
To use Zendesk Chat with HIPAA accounts, specific security configurations must be followed to protect ePHI. Agents' access to Zendesk Chat should be limited and authenticated via Zendesk Support. Email piping and chat transcript emails should be…