This service was developed to be HIPAA compliant before the virus hit us. This system is and has been HIPAA compliant and this is why in our opinion.
The software
This system is the open-source project called Jitsi meet located at https://jitsi.org/. to best understand how it works please visit this page.. In short, Jitsi creates an encrypted audio/video chat directly between two participants and uses a common server if there are more than 2 people.
We maintain and or create a custom private trusted server that only medical professionals can start sessions on with the knowledge that there is no recording of the sessions, maintaining patient names, emails, and that PHI is never disclosed. We do monitor our network traffic for security reasons, We are not exposed to, or store video chat sessions or PHI of any type. We do not store PHI in any way.
Web browsers
The software was built to be compliant with a newer browser standard called WebRTC located at https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-19 which allows it to be compatible with both chrome and firefox browsers.
Cell phones and tablets
Apps are published by jitsi.org on multiple platforms and can be installed via google play and via the app store on apple products. The app developer may have access to information about who installed their app but gets no information as to why. They are just another user.
responses to the coronavirus…
Medicare Telehealth Frequently Asked Questions (FAQs)
We do not provide any storage services or have access to any PHI.