BOOKINGS

Compliant video conferencing for Patient Consultations – How safe are Zoom and Hangouts?

video
Meri R.
Written by Meri R.

With a third of humanity now in lockdown, video conferencing is quickly becoming a normal way to communicate, whether it’s a business meeting, attending class or chatting with friends and family.

Everyone’s life is impacted differently and for some of us business meetings must still carry on – from home.

However, there are risks that come with technology. If you don’t use the right tools, video conferencing might be disastrous for protecting the health information (PHI) of your patients.

That’s why we have put together this practical guide to help healthcare professionals make educated decisions that consider the security of patient information to be a top concern.

Is your current video-conferencing platform safe?

I hate to break this to you, but security researchers say that apps such as Google Hangouts or Zoom are a ‘privacy disaster’. The use of these video-conferencing platforms have quickly escalated and have seen a tremendous rise in traffic in the past month. And that has raised concerns about its security too.

Here’s what you need to know about the challenges with Hangouts or Zoom:

“Video hijacking” on the rise
Last month, the FBI announced its investigation on cases of video hijacking, in which hackers infiltrate video meetings. Conference meetings can be accessed by a short number-based URL, which can be guessed by hackers, a January report from the security firm Checkpoint found.

Security flaws
A number of security flaws affecting these platforms has been reported by many users this month. In 2019, it was revealed Zoom had quietly installed a hidden web server on user devices that could allow the user to be added to a call without their permission. And a bug discovered this month would enable hackers to take over a Zoom user’s Mac, including tapping into the webcam and hacking the microphone.

No end-to-end encryption
Zoom has falsely advertised itself as using end-to-end encryption, a system that secures communication so that it can only be read by the users involved, a report from the Intercept found. Zoom confirmed in a blog post that end-to-end encryption was not currently possible on the platform and apologized for the “confusion” it caused by “incorrectly” suggesting the opposite.

Selling user data
A report from Motherboard found Zoom sends data from users of its iOS app to Facebook for advertising purposes, even if the user does not have a Facebook account.

Other privacy concerns:

The Electronic Frontier Foundation has also compiled a list of its privacy issues:

  • the host of a Zoom call has the capacity to monitor the activities of attendees while screen-sharing. They can see whether Zoom windows are active or not
  • it also allows administrators to see detailed dashboards of users’ activity, including a ranking system of users based on total number of meeting minutes
  • if a user records any calls via Zoom, administrators can access the contents
  • during any meeting that has occurred or is in progress, administrators can see the operating system, IP address, location data and device information of each participant

Why using Pabau’s video-conferencing is safe and compliant?

And now, the good news!

Pabau video conferencing helps you to be compliant in a few ways:

1) It protects data privacy in that all video communication is securely encrypted and transmitted from point-to-point such that even Pabau does not have access to any information that may be communicated.

2) Pabau agrees to be responsible for keeping all patient information secure and to immediately report any breach of personal health information.

3) Pabau does not store video transmissions.

Embrace the lockdown while maintaining standards!

 

About the author

Meri R.

Meri R.