Wave HIPPA Compliance?


I have opened a support ticket with GS, but does anyone here know if using Wave (especially the meetings) is HIPPA compliant like zoom? Now that we have plan prices I have been showing this off to lots of folks but a few are healthcare so I don’t want to get them all excited to use but then have to say sorry can’t do cause of HIPPA.

Here is Zoom’s HIPPA Compliance Datasheet https://explore.zoom.us/docs/doc/Zoom-hipaa.pdf for reference.




Dear user,

Thanks for all your feedback! Our regional support will reach you asap and I will also report this question to our development team for evaluation. Thanks for your testing!

Thank you!


Zoom is a service, Wave is a SIP endpoint app. It’s is about how you intend to use it and possibly in conjunction with what else. in other words, Wave is connected directly to the PBX, but what or who else may connect (to the meetings) and how will you insure:

  1. that they do so in a manner that only those that need to connect can do so in a secure manner and that you can authenticate same,
  2. how will they connect and is the connection secure and/or are there BAAs in place or is the conveyance considered a conduit service and,
  3. what will be presented and will that info be protected so as to maintain confidentiality and/or the proper releases/waivers signed and on-file?

However, it really sounds like you need to understand the entire Ecosystem of the 6300. You can use some of what Zoom has presented as a guide and then review the requirements to draw up your own documented structure of what the system must do along with the requirements for the organizers and users/attendees.

The following link will offer more of the needs:


Hi Larry,

Thank you for your advice. I kind of did what you have mentioned already, and Wave seems to meet most of the requirements. So yes I am looking into writing up a document specifying as much. I am interested to see what GS says.


Thanks for your clarifications! We will need to consult this internally. Thanks for your testing!

Thank you!


I got a msg back from support with a link to their Privacy Statement. https://documentation.grandstream.com/knowledge-base/grandstream-device-management-system-gdms-privacy-statement-how-gdms-processes-user-data/

This is kind of what I was looking for. Just something posted somewhere that says the data is encrypted.


Thanks for sharing your feedback with us!

Thank you!