HIPAA Compliant Improvements for Telehealth Customers
We’re delighted to confirm additional features that can be used in a HIPAA compliant way by our customers.
In June of 2022 we were proud to launch our HIPAA compliant add-on and start partnering with customers like Wellnite, Unobravo, and Tebra in their missions to make mental health and telehealth services more accessible.
Today, we’re delighted to confirm additional features that can be used in a HIPAA compliant way by our customers.
What is HIPAA?
HIPAA stands for Health and Insurance Portability and Accountability Act of 1996 and is a Public US Law that requires the adoption of national standards for proper appropriate and secure handling of electronic health data. In other words, healthcare providers in the US must conform to the HIPAA standards that ensure they process protected health data in a responsible, private and secure manner.
What is changing?
After further review of our tech stack and infrastructure, we’re excited to announce we can now offer the following features as HIPAA compliant:
All meeting sizes (“normal” and “group” rooms)
In addition to our Local Recording option, Cloud Recording is now available when recording to your company’s Amazon S3 bucket. Recordings are never stored on Whereby servers and we even offer a recommended bucket policy for you to use to make sure you’re following compliance guidelines. You can read more on our recording options and setup in the recording section of our HIPAA compliance documentation.
We’ve previously offered our smaller (“normal”) rooms as HIPAA compliant, due to their peer to peer connection. We’re excited that now our larger SFU (“group”) rooms will be included as well, providing our customers more flexibility and versatility in their meetings, as well as offering more reliable connections during video calls. Connections between our SFU servers all happen over HTTPS, so they are secure, and we have set up our infrastructure so that video and audio passing through our SFU mesh flow in an entirely ephemeral fashion and are not inspected. You can read about the difference between P2P and SFU, and what meeting room setup makes the most sense for you in our P2P vs SFU blog post.
How do I get HIPAA compliant with Whereby?
The HIPAA compliant package is available on demand, for customers on an annual custom “Grow” plan. In order to be fully HIPAA compliant you must sign a BAA with us, please reach out to your Customer Success Manager to arrange this.
If you already have a Business Associate Agreement (BAA) in place with us, you can explore our step-by-step guide and information in our developer documentation here.
Interested in learning more about our annual custom plans and becoming HIPAA compliant? Reach out to our Sales team here.