Is Skype HIPAA Compliant?

Skype is widely used around the globe for business conferences. The platform help organizations to conduct video conferences as well as it allow them to share data on it and Skype are HIPAA compliant. On the increase use of technology for communication, many practitioners are interested in knowing whether well-liked social media platform are compatible with Health Insurance Portability and Accountability Act (HIPAA) requirements. Skype is great for connecting with family and friends. But it is not designed for medical use or not a designated telemedicine platform and should not be used to treat patients virtually. Given the growing interest in video conferencing services for business for virtual meeting, communicating with patients online, healthcare organizations often come to Bridge Patient Portal, a patient meeting vendor, with questions about the use of Skype for telemedicine, and is Skype HIPAA Compliant?

Image Source: https://telehealth.training

HIPAA (Health Insurance Portability and Accountability Act) is United States law that protects medical data of an individual by providing data protection and security provisions. This law has emerged into greater importance in recent years with the abundance of health information breaches caused by cyber attacks and virus’s attacks on health insurers and providers.  HIPAA principle requires that any software transmitting secured personal health data meet a 128-bit intensity of encryption, at a minimum. While Skype does meet this condition with 256-bit encryption that doesn’t automatically mean the software is automatically HIPAA compliant.

Note that “Skype for Business” is a totally different service than consumer Skype. Skype for Business online is HIPAA compliant. Because Microsoft offers HIPAA BAA that covers in-scope Microsoft services such as Skype for Business. The Business Associate’s Agreement (BAA) is essential because it shows that entities comply with HIPAA equally and offers great protection to the data that is shared or transferred online. It’s an important protection for both parties.Skype for Business provides a detailed activity report of Skype usage. The activity includes the time, date, duration, and destination number of all calls and texts made and details of purchases and downloads. These controls are helpful for recording and examining information system activity, particularly when determining if a security violation arises.

Conclusion

Yes, Skype for business is HIPAA compliant and if you are a covered entity or business associate then you can use it to share and transfer the PHI online.

Leave a Reply

Your email address will not be published. Required fields are marked *