Security/HIPAA

 

Over the years, HTRC has fielded our share of questions about HIPAA compliance and protected health information. Keeping patient information private and protecting your facility and practitioners from unintentional mistakes is serious business, but if a few simple rules are followed, adhering to privacy and security regulations may be easier than you think.

What video conferencing systems are allowed?

You may be surprised to learn that in general all videoconferencing systems are secure - meaning that they are encrypted and require log-in at both sites. And yes, this includes Skype. However, some licensing agencies do not permit the use of non-commercial grade video-conferencing, so be sure to check with the appropriate agency.

Telemedicine and HIPAA

Interactive video conferencing meets the HIPAA guidelines for privacy and security. The same privacy rules apply as face-to-face encounters. In other words, the room where the patient sees the provider via telemedicine should be private just like any other room. However, the security rule does not apply to telemedicine as long as no data is recorded. If, on the other hand, an image is recorded, even a still shot of the video conference, the data becomes electronic protected health information (ePHI) and the security rule must then be followed.