Grasshopper’s website states that it does not enable HIPAA compliance and that support team members have access to account information and settings to help with technical issues. This access includes all messages that pass through Grasshopper’s calling, texting, and faxing features.
If protected health information (PHI) passes through these communication tools, it appears possible that unauthorized individuals could access the information. If Grasshopper doesn’t offer HIPAA-friendly services, covered entities shouldn’t use these tools.