When using Zendesk messaging with HIPAA accounts, certain security measures must be implemented to protect ePHI.
Subscribers should avoid enabling social media messaging integrations unless they ensure no ePHI is present or have a BAA with the platforms. File attachments in messaging should be disabled or secured, and agents should be trained to avoid sharing ePHI. Persistent web widget conversations should be managed to prevent unauthorized access, and JWT authentication should be implemented securely with frequent key rotations.
To ensure compliance with HIPAA, Zendesk requires specific security configurations for HIPAA-enabled accounts. These include secure agent authentication, SSL encryption, IP address restrictions, and API security measures. For agent authentication,…
For HIPAA compliance, Zendesk Guide and Gather services must be configured to prevent the inclusion of PHI in public articles or comments. Subscribers should ensure that no PHI is included in articles or attachments. It's recommended to disable…
For HIPAA compliance, Zendesk Sunshine Conversations should be configured to manage ePHI securely and restrict third-party integrations. Subscribers should avoid enabling third-party channel integrations unless they ensure no ePHI is present or…
To use Zendesk Chat with HIPAA accounts, specific security configurations must be followed to protect ePHI. Agents' access to Zendesk Chat should be limited and authenticated via Zendesk Support. Email piping and chat transcript emails should be…