OmniJoin Compliance Statement
Brother International Corporation (Brother) understands and appreciates the importance of providing customers with services that comply with laws applicable to their business. Healthcare entities and providers, including our customers, use web and video conferencing to improve efficiency and reduce travel costs for both themselves and their patients. The practice of telehealth (or telemedicine), where consultations are held as online meetings between providers, or between providers and their patients, afford privacy, security and real-time interaction, without the inconvenience of traveling or waiting.
Wherever healthcare and technology overlap, questions about the Health Insurance Portability and Accountability Act (HIPAA) inevitably arise. Title II of HIPAA deals with the privacy and security of electronic healthcare transactions and sets out criteria for compliance. Brother is neither a Covered Entity nor a Business Associate as defined under HIPAA. Specifically, as stated in the Federal Register, Vol. 75, No. 134, p. 40873, “...entities that act as mere conduits for the transportation of protected health information but do not access the information other than on a random or infrequent basis are not business associates”.
Covered entities and their business associates may securely and privately use OmniJoinTM web conferencing in healthcare-related video conferences. While control over the selection of content shared by users in an online meeting rests with those covered entities and business associates, OmniJoin web conferencing provides safe and secure capabilities to help them comply with their compliance obligations.
HOW HIPAA RELATES TO VIDEO CONFERENCING
The HIPAA Privacy Rule governs the ways in which information about a patient’s health status, treatment and payment is used and disclosed. The rule applies to covered entities — not to providers of video conferencing, phone, fax or email services — and requires covered entities, among other things, to take reasonable steps to ensure confidentiality in communicating this information.
The HIPAA Security Rule sets out standards for keeping Electronic Protected Health Information (EPHI) safe. Of note is its Technical Safeguards provision, setting rules for access to computers and the secure communication of EPHI over public networks to protect it from interception by anyone other than the intended recipient. Again, compliance with these safeguards rests squarely with the covered entities who, under 45CFR164.312, must “implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.” As they relate to video conferencing, these measures include “a mechanism to authenticate EPHI,” “a mechanism to encrypt and decrypt EPHI,” and “policies and procedures to protect EPHI from improper alteration or destruction.”
Although HIPAA does not apply to Brother, the OmniJoin service can help covered entities satisfy their compliance obligations by providing a superior level of security for its online meetings. With its high security standards, OmniJoin web conferencing exceeds the Technical Safeguards of HIPAA's Security Rule related to authentication and encryption.
We can help you navigate the issues around security compliance and web conferencing usage, so Contact Us today to schedule a demo or learn more at www.omnijoin.com.