GoHighLevel has HIPAA compliance available to anyone who uses the platform to process protected health information.
However, simply purchasing the service is not enough to ensure full HIPAA compliance for your business.Â
Key Takeaways:
- HIPAA compliance costs $297/month or $2,970/year plus your usual subscription fee
- GoHighLevel HIPAA only covers the platform—agencies must also be HIPAA-compliant
- Once you purchase HIPAA compliance, you cannot cancel it
Is GoHighLevel HIPAA Compliant?
GoHighLevel offers Health Insurance Portability And Accountability Act (HIPAA) compliance, but it doesn’t come as standard.Â
When you initially pay for a subscription (Starter, Unlimited, or Pro plans), the platform will not be HIPAA compliant. Instead, it’s available as a paid add-on to your usual subscription price.
How Does It Work, Exactly?
Once you have purchased a subscription plan from GoHighLevel, you will find the option to upgrade to HIPAA inside your Agency account. You’ll find it in the Add-Ons tab.
Once you have completed the purchase for HIPAA compliance, you will be invited to read and sign the necessary documents.
After this, GoHighLevel’s database will automatically encrypt all data. There’s nothing else to do on your end in terms of setup or modification.
Who Needs It?
Anyone or any business that handles protected health information (PHI) requires HIPAA compliance.
This includes:
- Healthcare Providers: Doctors, dentists, medical facilities, chiropractors, etc.
- Insurance Companies: Employer-sponsored health plans, Medicare, Medicaid, etc.
- Business Associates: Any entity that processes health information between providers and payers—for example, billing services and legal services
Now, while you may not be directly involved in any of these industries, you may take on clients that are.
Therefore, you must be HIPAA compliant if any PHI is collected, stored, processed, or transmitted via GoHighLevel or your agency.
To make this clearer, let’s take a look at a quick example:
- You are a marketing agency using GoHighLevel, and you take on clients who own osteopathy practices.
- You start to handle their booking systems, take patient appointments, send out reminders, and deal with patient follow-ups.
- Since you are processing and storing patient data (which includes PHI), your agency must be HIPAA compliant.
Now, let’s say you take on osteopathy clients, but the work you do for them is different:
- Your clients request that you set up marketing campaigns for offers on treatment bundles.
- You collect lead data (names and emails) to send out promotional emails containing the offers.
- Interested individuals call the osteopathy practice directly to book, and at no point do you deal with any patient bookings, follow-ups, etc.
- Since the data you collect does not involve PHI or medical details, in this case, it is not necessary to be HIPAA compliant.
- However, if you collect more than just names and emails—symptoms, previous treatments, or anything directly health-related—this could fall under PHI, and HIPAA compliance would be required.
GoHighLevel HIPAA Compliance Doesn’t Mean Your Business Is Compliant
It’s very important to distinguish GoHighLevel’s HIPAA obligations from your own.
Just because you’ve purchased the GoHighLevel HIPAA add-on doesn’t mean that you or your agency are HIPAA compliant. It simply means that the platform is.
In other words, it’s not just necessary to ensure that GoHighLevel is HIPAA compliant. You must also get HIPAA compliance for your business.
To do this, you need to:
- Sign a US Department of Health and Human Services, Business Associate Agreement (BAA) with each of your clients.
- Designate a HIPAA compliance officer and conduct employee training on HIPAA rules and regulations.
- Complete a risk assessment to identify any security risks.
- Implement policies for PHI access, data sharing, and breach response.
- ALL tools and software (including GoHighLevel) your agency uses must be HIPAA compliant, complete with access controls, encryption, and audit logs.
- All devices (computers, phones, etc.) require strong security and access control.
If you’re ever in doubt, it’s worth working with a HIPAA compliance consultancy (The Compliancy Group, HIPAA One, etc.). They can ensure you’re fully compliant and provide certification proving the fact.
How Much Does GoHighLevel HIPAA Compliance Cost?
There are two ways to pay for GoHighLevel HIPAA compliance:
- Monthly: $297
- Annually: $2,970
Overall, paying annually is cheaper since it saves you $594 compared to paying monthly.
Useful things to know:
- This price is in addition to your usual subscription amount.Â
- HIPAA compliance can be added to any GoHighLevel plan.
- It covers all locations (sub-accounts) within your agency account.
Once You Get It, You Can’t Go Back
Think very carefully about whether or not you want to take on clients that require HIPAA compliance.
Once you have purchased the HIPAA add-on, removing it is impossible, even if you stop taking on medical clients. So, you’ll be stuck paying for it forever, regardless of which direction you take your business.
The only way to remove HIPAA compliance from GoHighLevel is to cancel your account altogether.
How to Set Up GoHighLevel HIPAA (A Quick Guide)
Make sure you’re in the Agency View of your account. Click Add-Ons and find the HIPAA section.
Choose and click on your preferred subscription method and click Buy Now.
You will be taken to the payment screen where you can complete the purchase.
Still the Agency View of your account, click Settings > Compliance. You’ll now see a request for you to read and sign the BAA document.
Once the document has been signed and submitted, it can take up to 72 hours for HIPAA compliance to be activated.
Frequently Asked Questions
How Long Does It Take To Set Up GoHighLevel HIPAA?
Once you have purchased the GoHighLevel HIPAA compliance add-on, it takes between 48 to 72 hours to be fully set up. The faster you sign the BAA form, the quicker the process will be.
How Do I Get GoHighLevel HIPAA?
You can get GoHighLevel HIPAA by purchasing the add-on from within your GoHighLevel account. It costs $297 per month or $2,970 per year in addition to your usual subscription fee.
