HIPAA Compliant Video Conferencing

HIPAA Compliant Video Conferencing


February 21, 2020 | Reading Time: 2 Minutes

Please support Telehealth.org’s ability to deliver helpful news, opinions, and analyses by turning off your ad blocker. How

Telehealth is growing rapidly as more healthcare providers are choosing to treat patients virtually. Utilizing video conferencing tools allows providers to treat patients that they would normally be unable to treat due to their geographic location. Treating patients virtually can also save providers and patients time and money. However, before developing a telehealth business, it is essential to ensure that you are using HIPAA-compliant video conferencing.

Video Conferencing and HIPAA

HIPAA compliant video conferencing must have safeguards in place to maintain the confidentiality, integrity, and availability of protected health information (PHI). To be HIPAA compliant, video conferencing tools must enable encryption, access controls, and audit logs.

  • Encryption: prevents unauthorized access to PHI by masking sensitive data into a format that is unreadable without a decryption key.

Access controls: utilizing unique login credentials allows actions to be attributed to specific users. Users should be designated different levels of access to PHI based on their job roles.

Audit logs: tracks who accesses what information, and how long they access it for. Audit logs allow for unauthorized access to PHI to be detected quickly.

Signed BAA

Many traditional video conferencing platforms have the security protections required by HIPAA but are unwilling to sign a business associate agreement (BAA). Since video conferencing platforms are considered business associates under HIPAA, HIPAA compliant video conferencing requires a BAA to be signed before they can be used for telehealth purposes.

A BAA mandates specific security measures that the business associate is required to have in place. A BAA also holds each of the signing parties responsible for maintaining their own compliance. Lastly, a BAA determines which party is responsible for reporting a breach should one occur.

Video Conferencing Platforms

There are several video conferencing platforms built specifically for telehealth. These may be preferable over other traditional video conferencing platforms as many of them integrate with electronic medical record (EHR) platforms, appointment reminder services, and e-claim filing tools. There are even HIPAA compliant video conferencing platforms that are built for areas with poor internet connections, enabling rural communities to receive health services that were previously unavailable to them. When choosing a video conferencing platform, telehealth businesses should look at the features available to determine which platform is right for their business.

Essential Telehealth Law & Ethical Issues

Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!

Telehealth Video & Telephone Best Practices

Delivering telephone or video telehealth without formal professional training? Learn how to make telehealth easy, fun, legal & ethically compliant!

Intensive Telehealth Group Therapy Digital Workshop

Nervous about conducting telehealth group therapy? Many highly skilled group therapy providers have been forced into telehealth practice without thoughtful guidance on how to conduct evidence-based telehealth group therapy. The Telebehavioral Health Institute has organized two interlocking training experiences to help you learn by doing. These events are available as a package with both segments. They demonstrate the how and why of telehealth group therapy.

Disclaimer: Telehealth.org offers information as educational material designed to inform you of issues, products, or services potentially of interest. We cannot and do not accept liability for your decisions regarding any information offered. Please conduct your due diligence before taking action. Also, the views and opinions expressed are not intended to malign any organization, company, or individual. Product names, logos, brands, and other trademarks or images are the property of their respective trademark holders. There is no affiliation, sponsorship, or partnership suggested by using these brands unless contained in an ad. Some of Telehealth.org’s blog content is generated with the assistance of ChatGPT. We do not and cannot offer legal, ethical, billing technical, medical, or therapeutic advice. Use of this site constitutes your agreement to Telehealth.org Privacy Policy and Terms and Conditions.

Was this article helpful?

Please share your thoughts in the comment box below.

Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
3 years ago

It would be helpful if you would list examples of compliant platforms. Thanks!

Register for Free

Receive Any of Our 57 FREE Newsletters!


Most Popular Blog Topics

You May Also Like…

ChatGPT HIPAA Considerations
ChatGPT HIPAA Considerations

ChatGPT HIPAA compliance is one of the hottest topics at 2023 conferences and with good reason. AI...