How do I configure Facetime settings to ensure HIPAA compliant encryption for Telehealth activity?
Contact your company's legal representative.
I work with private medical data, and use only company-provided paths to handle their data. You need to pass FaceTime or you risk very serious consequences.
Thanks. It was my understanding that FaceTime is HIPAA compliant, as long as the the WIFI connection on both ends of the call uses WPA2 Enterprise with 128-bit AES encryption. The security evidently is enhanced by the single- (not multi-) point user interface. The latest I could find online about this so far, after a limited search, is an article over a year old (http://www.zdnet.com/blog/apple/facetime-calls-are-encrypted-and-hipaa-compliant -when-using-proper-encryption/11166).
So I decided to post my question on this forum, in the hope of getting more recent information. The Telehealth in question here is psychotherapy, involving the transmission of a video call, no other data transmission (ie, labs, etc.). So help me understand your reasoning behind the recommendation to pass on FaceTime.
Our agency is pursuing other, and more expensive industry-standard options. Can I name them on this forum in the context of a FaceTime comparison (perhaps apples and oranges, no pun intended)?
It sound like you want to ask a technical question ... comparing video-conferencing products. Will not violate any forum rules I know of, but not sure who has the information you need who is in the forum.
I stand by getting your "Security Officer's" sign-off on Facetime I did not say "pass on". I know all of the "how to be HIPAA-compliant" classes scare the chut out of me regarding the Federal consequences of violations. If information leaks, I can face 10's of thousands in fines and years in Feeral prison.
Happy travels.
Thanks again. We're looking at Vidyo, Polycom, Avaya and Cisco - http://blogs.forrester.com/henry_dewing/11-10-11-forget_facetime_enterprise_vide o_is_coming_to_a_tablet_near_you_now - all focusing off expensive teleconferencing suites and competing aggressively to capture the mobile 'telepresence' market.
Both our legal consultant and HIPAA Compliance Officer confirmed the use of FaceTime with the WIFI level mentioned above. Got it that you meant sign-off, not 'pass on' FaceTime. All of this is relatively new to our agency and to the profession of psychotherapy. We don't want to be the test case in court re Telehealth and HIPAA. The laws can't keep up with the pace of technology changes. So we will proceed with caution. It would help to know if anyone in healthcare practicing Telehealth has used FaceTime.
Someone in this forum may have the experience you want. I will not give you false hope or deny the possibility.
But this is primarily staffed by users like you who volunteer their time. Specific experience like you seek may or may not exist.
Good luck with your investigation.
Hi!
I researching this exact thing, and came across your post. Have you found any more info regarding whether or not FACETIME is HIPPA compliant? I'd be very interested to hear about your findings!
Thanks!
According the following article, Facetime is HIPAA compliant so long as both parties are using Wi-Fi connections utilizing WPA2 Enterprise encryption. And of course, the conversation should be a private area devoid of other patients. As of fall 2014, one the largest healthcare systems in the US, the VA hospital system has approved Facetime for teledermatology.
Read here for the original article.
https://www.linkedin.com/pulse/facetime-hipaa-compliant-jon-taylor
How to make Facetime HIPAA compliant for use in Telehealth?
