" chat Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more

Posts Tagged ‘chat’

Is Skype HIPAA Compliant? If not, what is?

Saturday, May 9th, 2020

Doctor using Skype for telehealth

In recent times we have seen a huge push toward telehealth, so many are wondering, “Is Skype HIPAA compliant?” While Skype is a practical tool that many people have access to, it’s important to consider any regulatory obligations you need to meet before you use it.

If your business collects, stores, transmits or processes electronic protected health information (ePHI), then it is subject to HIPAA regulations. Organizations that process ePHI on behalf of other parties also need to stick within the rules, otherwise they may face heavy fines.

Regardless of whether your organization provides health services through video or it uses video platforms to process ePHI in any other way, it needs to make sure it is using software that abides by the regulations.

Wondering, “Is Skype HIPAA compliant?” is a good starting point, but there are several things to consider before you commit to a video conferencing service.

Do You Need a BAA to Make Skype HIPAA Compliant?

A business associates agreement (BAA) is a contract between your organization and any others that process its data. In essence, these agreements outline how ePHI will be used, what control measures will be in place, and where the responsibilities lie between the two parties.

BAAs are absolutely necessary for HIPAA compliance. Even if your organization and its partner share ePHI with every control and security mechanism imaginable, as well as following all other aspects of the regulations, it would still be violating HIPAA if a signed BAA was not in place.

If your organization is going to be sharing ePHI over a video service, then it needs to be HIPAA-compliant.* However, the only way that it can be HIPAA compliant is if a BAA is in place.

Is Only the Business Version of Skype HIPAA Compliant?

Skype comes in several different versions, but the basic, consumer oriented one is not HIPAA compliant. The only type that offers BAAs and which could be made HIPAA compliant is Skype for Business, which is one of Microsoft Office’s business communication tools.  Note that “Skype for Business” is a completely different service than consumer Skype. 

However, it’s also worth noting that Skype for Business is currently being phased out in favor of Microsoft Teams. If you don’t already have a supported version of Skype for Business, you should look for HIPAA-compliant alternatives instead. Support for Skype for Business Online ends in 2021, while support for Skype for Business Server will be extended until 2025.

With this in mind, it’s probably not worthwhile pursuing any version of Skype for HIPAA compliance. If you use the basic version of Skype, you will be violating the regulations, and even if you can get Microsoft to sign a Skype for Business BAA, you may have to switch your software in 2021 anyway.

HIPAA-Compliant Alternatives to Skype

Considering that Skype for Business doesn’t have much time left and that it is not even the same as “regular Skype,” your organization will be better off finding a HIPAA-compliant alternative. One option is LuxSci’s SecureVideo, which was designed specifically to make it easy to stay within the regulations.

SecureVideo was developed from the ground up with HIPAA compliance in mind, ensuring that it became a practical video calling service that made security and compliance simple. The Zoom for Healthcare-based platform is great for telemedicine and other forms of sharing ePHI.

SecureVideo includes handy features like screen-sharing, file-sharing and virtual clinics, with a capacity of up to 100 participants. This makes LuxSci’s SecureVideo a convenient and compliant alternative to Skype.

 

* During the Covid-19 pandemic, HHS has waived responsibility for breaches through non-compliant video conferencing services, like Skype.  So, while Skype may not be compliant, it is OK to use during the pandemic.  However, as the pandemic subsides and this waiver is lifted, you should have transitioned to a service that is actually HIPAA compliant.

Protecting Your Account from Social Engineering

Tuesday, November 14th, 2017

LuxSci adds new technologies to protect your account from social engineering during support phone calls and chats.

Transcript

One of the biggest threats to your company’s security, its human error. Phishing attacks where people send email messages reporting to be from trusted sites that users click on and give away information. That’s the biggest threat. But what about social engineering?

Read the rest of this post »

Receive & Collaborate on Secure Form posts via Secure Chat

Tuesday, July 7th, 2015

LuxSci is proud to announce the integration of SecureForm and SecureChat.   SecureForm allows you to securely capture and process post from your web site and PDF forms.  SecureChat provides secure real-time communication and collaboration between people on mobile and desktop devices.  E.g. a secure replacement for texting that incorporates collaboration, archival, and compliance.

Now, SecureForm users can have their form post data sent securely to anyone’s SecureChat account (in addition to having the option of sending data to MySQL databases, secure email, secure FTP, and secure online file storage):

Read the rest of this post »

SecureChat: HIPAA-Compliant Chat and Texting at LuxSci

Sunday, February 15th, 2015

LuxSci is pleased to announce the availability of SecureChat, a secure, HIPAA-compliant chat and texting service that works through any modern web browser and though native Apps for iOS and Android devices.

SecureChat enables real-time texting and communications of files in a way that is secure and compliant, unlike regular text messaging and use of apps like Skype.

“Delays in communication no longer represent a delay in care. Our facility did a pilot study and it showed that the average response time from doctors using secure chat is 1-2 minutes, compared to 28 minutes when they used pagers and phones. I oversee a multidisciplinary team of health care professionals. With so many people involved, having fast, secure text messaging is critical to how we relay doctor’s orders and changes in patient status, and get nursing updates and therapy reports.”

— Aaron Salyapongse, MD; Director of Hip and Knee Surgery at Valley Care Hospital

Notably, SecureChat includes:

  1. Messages and files always encrypted — in transit and at rest
  2. Archives of all messages and files sent
    • Administrative access to archived messages for compliance
  3. Compatibility with iOS, Android, and any modern web browser
  4. Read receipts on messages sent
  5. Users can connect using multiple devices, simultaneously
  6. File attachments up to 100MB in size
  7. Real-time, synchronized messaging and conversations
  8. Distribution lists
  9. Unlimited conversations, messages, and archival storage

SecureChat is integrated with LuxSci and provides a fast, clean, and simple interface to communicating on-the-go (and in your seat) with other SecureChat users.

SecureChat licenses are $6/user/month (with discounts for 100+ licenses).  New customers can add SecureChat to their orders using our Order Wizard; existing customers can add SecureChat to their existing accounts using the “Account – Upgrade” tool.

One SecureChat license is needed per individual using the SecureChat system; however, your licenses do not have  correspond to the users in your LuxSci email hosting account.  They could include a subset of these people, as well as licenses for arbitrary external users that you also wish to include.

Please contact Sales if you have questions about SecureChat, or if you would like to try it out for Free.

LUXSCI