Answered

We are a HIPAA compliant company and so do not want to use the JS provided by Intercom due to the security risk. Does anyone know of a way to implement the service without using JS that calls every time?




4 replies

  • Expert User
  • 1152 replies
  • December 3, 2020

Hello @user518 👋, based on this article, Intercom is currently not HIPAA compliant (you shouldn't use Intercom to store sensitive medical data).

 

More information


  • Author
  • New Participant
  • 1 reply
  • December 3, 2020

Hi,

 

We're not using Intercom to store any data from our customers. It's purely a communications tool to our clients who themselves have patient information.

However, the concern is that the JS used to run Intercom could be compromised and altered to then scrape or read our app for information that could contain patient information. As the JS is run every time on every page and we don't control the JS, we'd be reliant on Intercom not to be compromised.

 

I'm trying to see if there is an alternative option to having this JS go back and forth every time.


Eric Fitz
  • Employee
  • 1630 replies
  • December 4, 2020

Hey @user518​, I'd strongly recommend that you implement identity verification to increase the security of your Intercom installation.


Eric Fitz
  • Employee
  • 1630 replies
  • Answer
  • March 25, 2021

Hey @user518​, I wanted to update you to let you know that, as of today, you can store user data on Intercom in a HIPAA compliant manner. You can read more about this here.

