Contact Us

Contact Us

Secure HIPAA Compliant Video Conferencing

Secure Video Conferencing HIPAA Compliant Solution

Technosoft has developed many HIPAA compliant Video conferencing/chat solutions for many healthcare organizations. These solutions have been used in CCM and other disciplines.

 

HL7 Interface

Technosoft has developed many HIPAA compliant Video conferencing/chat solutions for many healthcare organizations. From early 2000, we have been developing HIPAA compliant solutions for companies focused on US healthcare market. We have senior HIMSS Certified Healthcare Security Professionals in our staff. We have a broad knowledge of HIPAA privacy and security regulations and its local implementations or interpretations.

Our HIPAA compliance video chat solutions for our clients:

Our HIPAA compliance video chat solutions for our clients:

  • OpenTok SDK
  • AddLive implementation
  • Zoom SDK
  • SightCall SDK

HIPAA and Healthcare Information:

HIPAA, the Health Insurance Portability and Accountability Act, has standards for protecting sensitive patient data.

It has some requirements that guide its administration and imposition, including some relevant to Health information technology and the electronic exchange of health information: the HITECH Act, the Security Rule, and the Privacy Rule.

HIPAA Privacy Rule deals with Protected Health Information (PHI). The HIPAA Security Rule (SR) deals with electronic Protected Health Information (ePHI), which is essentially a subset of what the HIPAA Privacy Rule encompasses. The HITECH Act specifies levels of violations and penalties for violations of the HIPAA rules.

How Technosoft protects Health information with HIPAA:

Technosoft has numerous structures to protect health information:

1. Groundwork:

Technosoft’s protection frames basis for instantaneous video, audio and data communications leverages Amazon Web Services. Amazon Web Services provides an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely.

2. Communications:

A distributed network of low-latency multimedia routers resides on Technosoft’s communications infrastructure. With these low-latency multimedia routers, all session data originating from the host’s device and arriving at the participants’ devices are dynamically switched, never stored persistently through the Technosoft communications infrastructure.

3. Encryption:

Technosoft can secure all session content by encrypting the communications channel between the HIPAA compliance video chat users using Transport Layer Security (TLS) encryption tunnel.

4. Media Storage:

Technosoft allows users to record e-PHI video conferences. These files are never stored on our servers or accessible to Technosoft. Files only stored on a user’s computer or HIPAA-compliant EHR system.

WebRTC and HIPAA:

There are two types of solution for integrating video into the applications i.e. WebRTC based and Proprietary. WebRTC is an open standard and allows developers to integrate video chat capability into a web browser based application using the internet and to increase the quality of audio and video. It also provides SDK/APIs for mobile integration on Android and iOS.

Architecturally, there are server based and cloud-based solutions available for both webRTC and proprietary technologies. The HIPAA security regulations intentionally do not deal with the video conferencing solutions, However, we believe that the solution needs to use https for streaming to avoid eavesdropping on calls. That covers confidentiality and integrity of data part of the HIPAA security act. Availability is usually ensured by an uptime SLA with the vendors.

HL7 Interface

                                                                                                            Technosoft WebRTC illustration

1. Signing Data is transferred through NAT or STUN server and then peer to peer connection is established via regular internet connection between the two calling parties.
2. If firewall prohibits signing going through then whole communication happens through the TURN server. In the case, this is not a peer to peer communication and all data is transferred through the TURN server.

We have pre-developed many software frameworks that help us quickly deliver HIPAA compliant solution. All our healthcare software goes through a rigorous HIPAA checklist.

We have HIPAA policies implemented throughout our organization and we will be glad to sign a HIPAA Business Associate Agreement for software development or support service contracts.

To discuss our services, expertise and how we can help you, please contact us.