Looking for a Business Associate Agreement? Download our FREE template.

Free BAA Download
Total HIPAA Logo

Is Skype HIPAA Compliant and Have You Updated Your BA Agreements?

This week we had an interesting discussion on Twitter about whether Skype was HIPAA Compliant or not? Well, there is a simple answer to this one, No.

Wait, why not? Well, they encrypt the data stream using 256-bit encryption, it’s convenient because people are quite familiar with this product, and it’s free to use. So it sounds like a great product to use when communicating with your patients and clients, right? Encryption alone does not a HIPAA compliant product make.

To illustrate how serious this issue is, a doctor was disciplined for using Skype to diagnose and treat patients. He was hit with a 2-year suspension of his license. This wasn’t solely for the use of Skype; he was diagnosing and prescribing medicines to patients he had never met, and one of his patients died, which sparked the audit. The medical board determined that Skype was not an approved Telemedicine communication device.

Microsoft which owns Skype won’t sign a Business Associate Agreement or Business Associate Subcontractor Agreement* with you. This means using Skype is a big no-no for anyone who deals with PHI. Remember, you must have agreements in place with EVERY outside contractor your practice/company uses. This means your records storage and shredding companies, attorney, accountant, cleaning company, IT companies, just to name a few. It is your responsibility to list all of your contractors, make sure that you have up-to-date Business Associate Agreements on file for all contractors. If you haven’t updated those within the last year, this means that you need to rework those agreements. There have been many changes to HIPAA since last year, and you are required to reflect these changes in your agreements.

With the common agency provision in HIPAA, you’re now required to make sure your contractors are HIPAA compliant. This means review agreements, and ask to see both Privacy and Security Policies and Procedures. If your contractors can’t or won’t produce those items, it’s time to find some new folks to work with.

This is your business and livelihood we are talking about, and you need to protect yourself at every turn!

Stay HIPAA Compliant, my friends!

*Remember, covered entities have business associates and business associates have subcontractors. This means covered entities send out business associate agreements, and business associates send out business associate subcontractor agreements.

By Jason Karn

Sharing is caring!

Documents

Looking for a Business Associate Agreement?

Download our free template to get started on your path toward HIPAA compliance.


Download Now

Want to stay informed?

Join our community, stay ahead of the curve on HIPAA compliance and receive free expert guidance.

State of HIPAA Compliance in 2024

Watch the recording of this webinar to learn more about how you can become and stay HIPAA compliant!

Document

Related Posts

What is Access Control in terms of HIPAA?

What is Access Control in terms of HIPAA?

In today's digital world, protecting sensitive data is paramount. This is especially true for organizations that handle electronic Protected Health Information (ePHI), whether you're a healthcare...

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Save Cart & Generate Link
Send Cart in an Email Done! close
Empty cart. Please add products before saving :)

Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Send Cart Email
Your cart email sent successfully :)