The recent discovery of a security flaw that allows Skype accounts to essentially be hijacked has again raised the issue of the security of web-based platforms—and whether providers can meet their HIPAA obligations when using these communication tools. The issue of Skype and similar platforms and HIPAA compliance is one that I am often asked about. In a previous post, I addressed the issue and concluded that providers who wish to use Skype or similar platforms proceed with great caution. I noted that the use of web-based platforms, especially those that are proprietary, may make it ...
Is Skype HIPAA-compliant? This is probably the question I get asked the most. For the sake of this post, I am using the term Skype to include Skype and similar free web-based communication platforms relying on proprietary voice over Internet technology.
As with so many things, the answer is complicated. But the question itself is misleading. Many vendors and manufacturers market their technology and products using terms such as “HIPAA compliant.”
However, products or technology cannot themselves be “HIPAA-compliant.” Hospitals, providers, and other covered entities ...
Blog Editors
Recent Updates
- The DOJ’s Bulk Sensitive Data Rule and Your Obligation to “Know Your Data”
- Eliminating the GRAS Pathway: An Update
- Brand Licensing in Health Care: An Overview for Hospitals
- FDA Proposal Would Extend Food Traceability Rule’s Compliance Deadline to July 2028
- NYDFS Cybersecurity Crackdown: New Requirements Now in Force, and "Covered Entities" Include HMOs, CCRCs—Are You Compliant?