- HIPAA Update - http://blogs.hcpro.com/hipaa -

HIPAA Q&A: Teleconference services

question [1]Submit your HIPAA questions to Editor Jaclyn Fitzgerald at jfitzgerald@hcpro.com [2] and we will work with our experts to provide the information you need.

Q: My organization plans to begin offering tele-practice services via videoconferencing. What measures should we take to ensure this patient communication is secure?

A: Ensure the teleconference service you use is secure and the transmission is encrypted. If the teleconference vendor will store the appointment video, execute a BA agreement in advance. Creating patient training to let patients know what they can do to protect their own privacy is another good idea. For example, patients should be made aware that it is not a good idea to dial-in to the appointment in the local coffee shop. In addition, test the teleconference service prior to scheduling any remote patient appointments.

This approach is similar to any new technology that will be used for patient care and communication. CEs will need to vet vendors to ensure they are comfortable with the level of security the vendor provides.

Editor’s note: Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, Oregon, answered this question for HCPro’s Briefings on HIPAA. [3] This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions.