HCA statement on security in telehealth technology

Fri, 04/03/2020

In response to the COVID-19 pandemic, HCA purchased a limited number of licenses for Zoom, a video conferencing technology that helps health care providers continue seeing patients without a physical encounter. HCA has made those licenses available to providers using an application process.

HCA has heard concerns about the security and privacy of telehealth technology. We want to assure providers who are using HCA-purchased licenses that we have been careful to offer licenses that are as secure as possible:

  • The licenses HCA purchased are under the Zoom for Healthcare. This is under a Health Insurance Portability and Accountability Act (HIPAA)-compliant business associate agreement.
  • We have configured the licenses to protect against video conference intrusions. This includes:
    • Clients coming into an appointment enter a virtual waiting room and can only be admitted by the provider.
    • Only the provider can share content via video screen.
    • Providers sending links only to patients.
    • Recording is disabled.

If you were granted a license from HCA, when you access Zoom, please do so by going to the Zoom login page, and supplying the email address you used to register with HCA, and entering the password you created when you registered. If you created a Zoom account separate from this process, it is most likely a public account and does not have the same security features.

As a reminder, HIPAA has been waived in many instances for the duration of the COVID-19 pandemic, but it is still important to protect patient personal health information to the extent possible. HCA encourages providers to use the account issued by HCA, or a similarly secured telehealth solution that you have previously procured.