" HIPAA-compliant video conferencing Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more

Posts Tagged ‘HIPAA-compliant video conferencing’

Working from Home? Is Zoom HIPAA-Compliant for Video Conferences & Calls?

Monday, March 30th, 2020


Zoom Vide


In the midst of the coronavirus crisis and with many working from home, many businesses may be wondering: Is Zoom HIPAA-compliant?

While it is true that President Trump has relaxed HIPAA-compliance requirements around telehealth (which includes video teleconferencing) for the duration of the Covid-19 pandemic, the pandemic will eventually end and companies who have invested time and money accelerating their telehealth infrastructure would prefer to not have to change everything because they chose a non-compliant solution and now compliance is “back on the table.” We’re all slightly on edge and out of rhythm at the moment, but HIPAA regulations and the immense costs of data breaches for telehealth will be back.

The situation is serious, and we need to act quickly to put ourselves in the best position to ride this out. But we also need to be careful with our decision-making and ensure that these changes don’t have any disastrous effects.

If your company is involved in processing ePHI and intends to use video-conferencing and calls to allow people to work from home, it needs to know whether Zoom is HIPAA-compliant.

What Is Zoom Video Communications?

Zoom Video Communications is a company behind a range of different services, mainly associated with video calls, video-conferencing and other types of online collaboration. It has become quite popular over the past few years, particularly for business use, so it may be the first platform organizations turn to now that many employees are working from home.

Do Video Call Solutions Like Zoom Need to Be HIPAA-Compliant?

doctor-patient medical call

If your organization is involved in healthcare or it processes electronic protected health information (ePHI) on behalf of others, then it needs to be cognizant of the HIPAA regulations and always deal with the data appropriately.

This applies when data is collected, stored, and transmitted, whether by email or any other type of technology. This includes video calls and conferences. Perhaps this is easy to overlook, because many of us don’t personally store the video data from our calls – but that doesn’t mean the information can’t be intercepted by attackers or accidentally leaked, both of which can have significant repercussions for victims.

If a video calling platform is not HIPAA-compliant and is poorly secured, it’s possible for attackers to insert themselves and either access or record calls. This information can then be used in a range of crimes, ranging from extortion to identity theft.

Organizations that are found to violate HIPAA can be met with severe penalties, including up to $50,000 for each civil violation, or up to $250,000 and 10 years imprisonment for each criminal violation.

Is Zoom HIPAA-Compliant for Video Calls & Teleconferences?

The short answer is not necessarily, but Zoom HIPAA compliance is possible. The first thing that you need to know is that the standard offerings of Zoom are not HIPAA-compliant

Why aren’t these types of Zoom HIPAA-compliant? The simple answer is that they were designed for other purposes, which means that they should never be used for any calls that could involve ePHI.

If you’re a diehard Zoom fan, then you’re not completely out of luck, because one of its offerings – Zoom for Healthcare – is HIPAA-compliant. However, there are strings attached. As with any service that your organization shares its ePHI with, a business associates agreement (BAA) needs to be signed with the company. This is a contract that stipulates the conditions and where responsibility lies.

If your organization does choose Zoom, it needs to make sure that it only uses its service within the confines of the BAA.

Are There Other Platforms Apart from Zoom for HIPAA-Compliant Video Calls?

Zoom for Healthcare may not fit every organization’s work flows and HIPAA compliance needs, but thankfully there are alternatives.

LuxSci Secure Video is one option.  Secure Video is built on top of Zoom for Healthcare (so it uses all the same applications and distributed infrastructure that everyone is used to) and has scheduling, work flows, payment processing, and other features that make it especially useful for sessions with patents and for group meetings where sensitive information will be discussed.


Luxsci Secure Video




What Is HIPAA-Compliant Videoconferencing?

Monday, October 10th, 2016

HIPAA-compliant videoconferencing is a form of telecommunication used in health settings, allowing multiple parties (e.g. doctor and patient) to communicate via two-way video and audio transmissions. It provides patients with the same privacy and confidentiality that applies to in-person visits, protecting their information and giving the same care to storage and dissemination of the video as to paper documents under the Health Insurance Portability and Accountability Act (HIPAA).

There are many advantages to videoconferencing with patients, rather than meeting them in-person. Some patients have limited mobility, making it difficult for them to physically visit a healthcare provider. Some patient follow-ups only require a quick conversation and don’t require a physical examination. For many patients, it may also be much more convenient to have a video conversation than to travel to doctor’s office.  An additional benefit is the cost savings; videoconferencing can be much cheaper than in-person visits.

Read the rest of this post »