As the world continues to adapt to the changes brought on by the COVID-19 pandemic, the health care industry has ridden waves of changes brought on by “the new normal.” The U.S. Department of Health & Human Services acted quickly to remove barriers to providing the best care possible to patients by announcing that the Office for Civil Rights (OCR) would not penalize the use of video conferencing tools that are not HIPAA-compliant during the pandemic. This notification went on to suggest that providers seek out HIPAA-compliant video communication products whenever possible, but the lifted restriction allowed providers to care for their patients utilizing their best judgment without red tape restricting their ability to improve patients’ lives.
However, now that we are seven months into the pandemic, one of the questions I have been hearing more and more often is: “What makes pMD’s telehealth video platform HIPAA-compliant?”
Let’s get technical
While the Health Insurance Portability & Accountability Act (HIPAA) policy has several goals, the one that applies to video conferencing is to respect individuals' rights to privacy by requiring secure handling of individuals’ health data. Covered entities, such as health care providers, insurance providers, and clearinghouses, in addition to business associates, or another company that conducts business with a covered entity and comes into contact with patient information, are subject to the HIPAA legislation.
Two major sections of the HIPAA legislation are The Privacy Rule and The Security Rule. The Privacy Rule covers the patients’ rights to privacy and appropriate processes for using and sharing PHI, or Protected Health Information, no matter the medium used. The Security Rule sets standards for electronic storage and transfer of PHI. These standards within The Security Rule include administrative actions, physical safeguards, and technical standards.
pMD’s telehealth video chat functionality (as well as all our other software products) meets the requirements set forth by the HIPAA legislation. We execute Business Associate Agreements (BAA) with our customers in order to provide the assurance that we will handle our clients’ PHI with the utmost care, to disclose how we manage and process PHI, to outline how we will safeguard the data, and to determine how we will help our clients comply with the Privacy Rule.
In addition, pMD utilizes the highest encryption standards across the industry in order to protect our customers. While other vendors shy away from storing clinical information and, in some cases, even advertise that they will not store any information on your behalf, pMD understands the clinical importance of having a fully integrated solution for telemedicine and instead builds robust technical systems to manage your patients’ health information.
pMD also understands that HIPAA-compliance is not necessarily enough to protect PHI, so we consistently go above and beyond the security measures required by legislation to ensure we serve as a trustworthy and reliable partner for our customers. Each year, pMD undergoes rigorous voluntary security audits to confirm that we meet the industry’s best practices.
Make the best decision for your practice
While pMD has taken strong steps on the security front, this is still only one of the critical factors that should go into evaluating telehealth vendors. pMD’s extraordinary customer service, our collaborative approach to implementing the best telehealth workflow regardless of your organization’s size, and the intense focus we place on the pMD user experience set us apart from the competition. All of this is backed by the organization you know and trust: a 20+ year player in the health care industry with thousands of happy customers. If you’d like to learn more about our telehealth solutions, contact us.
To find out more about pMD's suite of products, which includes our charge capture and MIPS registry, secure messaging, team and pro communication, and care navigation software and services, please contact pMD.