The healthcare industry is basically locked into 365 due to a lack of alternatives supporting HIPAA.
Google Workplace theoretically can be configured, but it doesn't cover basic stuff like information in contacts. So if ANYONE in your organization (like an outreach coordinator) adds a patient and puts notes into the contact field, it's a HIPAA violation. There is no way to effectively police that.
I wish the regulations were written such that messaging apps, office suites, etc over a certain percentage of revenue had to qualify for HIPAA by default. It's absurd how many small shops just do everything in over WhatsApp/iMessage/Gmail/iCould, etc.
Google Workplace theoretically can be configured, but it doesn't cover basic stuff like information in contacts. So if ANYONE in your organization (like an outreach coordinator) adds a patient and puts notes into the contact field, it's a HIPAA violation. There is no way to effectively police that.
I wish the regulations were written such that messaging apps, office suites, etc over a certain percentage of revenue had to qualify for HIPAA by default. It's absurd how many small shops just do everything in over WhatsApp/iMessage/Gmail/iCould, etc.