Aug 29, 2018
Are your online tools HIPAA compliant?
Mar 22, 2018
You are constantly looking for ways to better serve your clients. From new administrative solutions to new online technologies to better connect and engage with your clients, you are constantly improving your care delivery. But are these tools really helping you?
Many of the tools most commonly used by practitioners today such as Skype or Google Hangouts are not compliant. The Health Insurance Portability and Accountability Act (HIPAA) requires a certain level of encryption and designed set of procedures for handling data by technology providers in healthcare applications. However, by using Skype, you could be putting your clients’ confidentiality and your practice at risk because this is not always the case. While these tools can help you increase satisfaction and continuity, it is at cost to you and your clients’ privacy and this is primarily because of something called end-to-end encryption (E2E encryption).
Unlike other secure messaging solutions, chat transcripts and records of communications from Skype sessions are retained on Microsoft servers after a session has been completed. While the content of the session isn’t recorded, the data surrounding the fact that communication occurred between two people is. In a field where there is already high stigma around use of mental health services, these metadata exposure points can put client information at risk and potentially reduce their likelihood to continue their mental health treatment.
Similarly, Google has publicly admitted that Hangouts does not use E2E encryption, meaning the company itself can tap into sessions if and when it receives a government order to do so. Google Hangouts is particularly challenging because it was developed to be a social interaction so depending on your clients’ privacy settings, it may even notify their social network that they just had a call with you. This type of error can occur frequently for users new to the platform.
While video messaging tools such as Skype and Google Hangouts can enable the development of strong relationships between providers and clients, they pose a significant privacy risk particularly in the field of mental health. To continue engaging your clients through and between appointments virtually, explore solutions that offer secure video and messaging with strong 256-bit end-to-end encryption. OnCall Health has been a North American leader in providing strong, secure telemedicine options for providers across the region.