HT4245: Using FaceTime and iMessage behind a firewallLearn about Using FaceTime and iMessage behind a firewall
Currently Being ModeratedMay 18, 2012 1:43 PM (in response to jjpeoples)
I'm not sure on the specifics of FaceTime or HIPAA but I would assume it would depend on the encryption of your WI-Fi connection. FaceTime is a Wi-Fi only feature so it's only as secure as the Wi-Fi network on either end.
Currently Being ModeratedMay 18, 2012 1:53 PM (in response to MessagingTech)
From what I have read at this point, the security comes into play when the level of encryption from point to point. If for example our organiztion supports and utilizes WPA2 Enterprise which uses 128 bit encryption and assuming both end points are on the same network, would the connection be secure enough to be HIPAA compliant?
Currently Being ModeratedMay 18, 2012 1:57 PM (in response to jjpeoples)
I assume it would be the same for WebEx or GoToMeeting that have iPad support/apps and use video conferencing. If your organization allows the use of WebEx or another service, it might be worth looking into that as a corporate solution than FaceTime. To go a step further you can create an iPhone configuration policy to block FaceTime if there are concerns over it and use only supported standards. If both users are on the same network, I would think it would be secure enough, but I don't have any experience with HIPAA or health care laws.
Currently Being ModeratedMay 18, 2012 2:16 PM (in response to MessagingTech)
We do use WebEX and GoToMeeting mainily from PC workstations. Most video conferencing is point to point with tradtional video conferecning gear i.e., Tandberg/Cisco or Polycom. WebEx is generally used for webinars with no exchange of patient information. Microsoft OCS is utilized mainly for Live Meeting for content and video conferencing to remote locations.The question that I have is what is the encryption for FaceTime is it indeed 128bit?
Currently Being ModeratedMay 21, 2012 8:07 AM (in response to jjpeoples)
From my brief research the answer appears to be Yes, if you are using a WPA2 encrypted network. However, I wouldn't think you can 100% guarentee compliance because the device is not certified as such and you cannot ensure that users are connected to the correct Wi-Fi or other what-if scenarios.