Is Uber Health HIPAA Compliant?

This March, Uber officially launched Uber Health – A platform that makes arranging transport for patients more straightforward and cost effective. The service should benefit patients and providers alike, although questions have been raised about HIPAA and whether Uber Health is HIPAA compliant.

What is Uber Health?

Uber Health consists of an online dashboard that healthcare providers can use to schedule transport for their patients in advance. Provided the patient has a mobile phone, he/she will receive a notification about the collection and drop off location via text message. In contrast to the standard Uber service, Uber Health does not require the use of a smartphone app.

By using Uber Health, healthcare providers can potentially reduce the number of no shows and ensure more patients turn up on time for their appointments. Rides can be scheduled when the patient is in a facility, ensuring they have transport arranged for follow up appointments. The service could also be used for caregivers and staff.

The official launch of the platform comes after a trial on around 100 healthcare organizations, with the platform now made available to healthcare organizations of all sizes.

Uber Health HIPAA compliant ride scheduling service

Image Source: Uber

Is Uber Health HIPAA Compliant?

Any HIPAA-covered entity that signs up to use Uber Health would be required to enter patient names and appointment times into the system, so prior to using the service a business associate agreement would need to be obtained. Uber is happy to sign BAAs with all participating healthcare organizations.

Uber maintains on its website that Uber Health is HIPAA compliant and any data entered via the dashboard is protected by privacy and security controls in line with HIPAA standards. All data remains secured in the system, and the only information passed to its drivers is the name of the patient, the pickup and drop off time, and the collection point and drop off location, as with any taxi service. No protected health information is passed to the drivers.

Uber says it consulted with Clearwater Compliance while developing the Uber Health service to ensure all requirements of HIPAA were satisfied. Uber has conducted HIPAA-compliant risk analyses and completed compliance assessments and has been confirmed to be compliant with HIPAA Rules.

Provided a business associate agreement is obtained from Uber, Uber Health is a HIPAA compliant ride sharing service and can be used without violating HIPAA Rules.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.