Hosted by Amazon Web Services (AWS)

HIPAA security compliance for Promptchat’s Live Chat and Chatbot Builder Platform is available by adding the HIPAA option to an AWS hosted server instance.

As a HIPAA chat server user you gain access to:

  • A dedicated live chat server with the Promptchat chatbot builder platform running on a dedicated IP address on AWS (see Amazon’s HIPAA compliance statement: https://aws.amazon.com/compliance/hipaa-compliance/)
  • Exclusively used by your company (not shared by other customers)
  • Access to the chat server’s databases is limited to one of our HIPAA-trained technicians (no server database access credentials are provided to the client unless running a self-hosted server)
  • Web-based customer management console for your system admin (chat server with chatbot builder and live chat features with unlimited live chat operators)
  • Web-based live chat client (3-level hierarchy – User/Admin/Company)
  • Optional Android and iOS mobile apps
  • 2-hour remote desktop training session included in pricing
  • Free Email/Ticketing/Live Chat support for the duration of the contract

HIPAA Contractual Agreements


  • BAA Agreement (HIPAA Business Associate Agreement)
  • NDA Agreement (HIPAA Non-Disclosure Agreement)
  • If any subcontractors are involved, then a Subcontractor Agreement
  • Provide us with proof of your firm’s HIPAA training certificate


Workshops & custom software features

With the help of our HIPAA security clearance training partners we can assist you with obtaining or renewing HIPAA certification for you/your company.

Contact us for details.

The HIPAA software option for the Promptchat live chat and chatbot server will work off the shelf offering live chat and chatbot features on up to 200 URLs.

Note that we rarely come across use cases where we do not need to do additional software customization. Don’t hesitate to contact us with your own feature requests.


More on Promptchat’s HIPAA compliant live chat software option

The Health Insurance Portability and Accountability Act (HIPAA) has set various guidelines that must be adhered to by anyone who handles electronic medical data. Promptchat offers self-hosted chat servers which you can plug into your existing hosting environment, so your medical data never goes through the Promptchat servers. In addition, we can offer the HIPAA package, an optional add-on to any chat server purchase, allowing your live chat communication to become fully HIPAA compliant.

There are 5 standards listed under the Technical Safeguards section.

  • Access Control
  • Audit Controls
  • Integrity
  • Authentication
  • Transmission Security

When you break down the 5 standards there are 9 things that you need to implement.

  • Access Control – Unique User Identification (required): Assign a unique name and/or number for identifying and tracking user identity.
  • Access Control – Emergency Access Procedure (required): Establish (and implement as needed) procedures for obtaining necessary ePHI during an emergency.
  • Access Control – Automatic Logoff (addressable): Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.
  • Access Control – Encryption and Decryption (addressable): Implement a mechanism to encrypt and decrypt ePHI.
  • Audit Controls (required): Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.
  • Integrity – Mechanism to Authenticate ePHI (addressable): Implement electronic mechanisms to corroborate that ePHI has not been altered or destroyed in an unauthorized manner.
  • Authentication (required): Implement procedures to verify that a person or entity seeking access to ePHI is the one claimed.
  • Transmission Security – Integrity Controls (addressable): Implement security measures to ensure that electronically transmitted ePHI is not improperly modified without detection until disposed of.
  • Transmission Security – Encryption (addressable): Implement a mechanism to encrypt ePHI whenever deemed appropriate.

This article is not a definitive list of what is required for HIPAA compliance; you should assign a Privacy Officer to review each rule in its entirety. This article is intended to point you in the right direction.

Promptchat’s HIPAA compliant live chat server option is available from July 2018 and meets the Privacy and Security requirements laid out in the most recent HIPAA rules.

Pricing & Trial Account


There is a one-off setup service fee and an ongoing monthly server license fee, with optional mobile apps. Create a free trial account and contact us for a remote desktop software demo.