Can you Configure Amazon Alexa in a Entity to be HIPAA Compliant?

by | Oct 29, 2020

HIPAA compliance is already provided by Amazon for its cloud platform AWS and the group is aiming to increase the use of the Alexa voice recognition technology within the healthcare sector.

There is great potential for Alexa to make a lot of workflows much more streamlined in healthcare. The transcribing of medical notes by doctors or the configuration of a virtual assistant to help speed up admissions are just two examples of how it could be used. The most recent research indicates that Alexa has been introduced in approximately 30 million U.S. homes. In all of these home if might be a simple step to use the tech to remotely monitor patients and allow increase engagement from patients in relation to their own healthcare.

However, in order for the successful integration of the technology into this sector the first step that must be to ensure that it is HIPAA compliant.

The implementation of Alexa has already been initiated by groups including:

  • WebMD: to send a portion of its web content to consumers
  • Israel Deaconess Medical Center (BIDMC): To conduct a pilot scheme to test Alexa’s capabilities in an inpatient setting. Further integration is planned once Amzaon integrates more security controls and commits to signing a business associate agreement (BAA).
  • Boston’s Children’s Hospital (BCH): The group is using clinical staff to test Alexa fo r sharing information. As there is no a BAA the test only involves non-identifiable health information. There is also the development of an Alexa skill called KidsMD where parents can enquire regarding medical conditions.
  • Merck: The Alexa Diabetes Challenge was kicked off during April 2017 in a bid to enhance the lives of patients diagnosed with type 2 diabetes. Amazon encouraged entries detailinf patient-centric solutions that use Alexa voice recognition technology to help those being treated.

Speaking about the challenges faced in achieving HIPAA compliance for Amazon Alexa the Global Segment Leader for Healthcare & Life Sciences at Amazon Web Services Oxana Pickeral said, “While Alexa and Lex are not HIPAA-eligible, this [Diabetes Challenge] has provided us an opportunity to envision what is possible.”

The fundamental requirements exit for Alexa to be HIPAA compliant but until the Lex platform i srecongifured to allow adequate safeguards for compliance with the HIPAA Security Rule implementation is not possible when dealing with protected health information. It is clear that Amazon is trying to make Alexa HIPAA-compliant. However until it is willing to sign a BAA and adhere with HIPAA Rules, Alexa must not be deployed in a healthcare setting with any identifiable health information.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy