Can I use VSee and be HIPAA compliant?

Can I use VSee and be HIPAA compliant? | Paubox

We’ve been getting asked by customers and prospects about various telehealth solutions and whether they can use them in a HIPAA compliant manner.

We know the HIPAA industry is vast so we can empathize with just how many people need to use cloud-based services in this sector.

Today we will determine if VSee is a HIPAA compliant service or not.

About VSee

VSee is a video conferencing and messaging platform designed for use in healthcare and other industries. It allows users to hold virtual meetings, make video calls, and exchange messages and files.

VSee is designed to be secure and compliant with industry regulations. It includes features such as end-to-end encryption, password protection, and the ability to remotely wipe data from lost or stolen devices. It is available for use on various devices, including desktop and mobile computers, tablets, and smartphones.

VSee and the business associate agreement

We’ve previously talked about how a business associate agreement (BAA) is a written contract between a covered entity and a business associate. It is required by law for HIPAA compliance.

We checked VSee’s site and found a page called HIPAA and VSee Video Conferencing.

It states:

VSee video chat helps you to be HIPAA compliant in two ways:

1)  It protects data privacy in that all audio/video communication is securely encrypted.

2)  VSee offers the HIPAA-required Business Associate Agreement where VSee agrees to be responsible for keeping all patient information secure and to immediately report any breach of personal health information.

This is a good sign.

Notification of Enforcement Discretion

When the pandemic first hit in March 2020, the U.S. Department of Health and Human Services (HHS) quickly announced the Notification of Enforcement Discretion, which allowed health care providers to use widely available communication apps without the risk of incurring HIPAA fines.

This notice allows health care providers to use popular applications to provide telehealth services, so long as they are “non-public facing.”

Examples of non-public facing applications include:

  • Amazon Chime
  • Apple FaceTime
  • Facebook Messenger
  • Google Hangouts video
  • Google Hangouts
  • iMessage
  • Jabber
  • Signal
  • Skype
  • Spruce Health Care Messenger
  • Updox
  • VSee
  • WhatsApp
  • Zoom

See also: HIPAA privacy and security guidelines as they relate to telehealth

Is VSee HIPAA compliant?

The business associate agreement is a key component to HIPAA compliance between a covered entity and a business associate.

As we noted earlier, VSee is willing to sign a BAA with its customers.

In addition, VSee is considered by HHS as a telehealth solution that can be used in a non-public facing manner. While the HHS Notification of Enforcement Discretion is not indefinite, it would allow healthcare entities to use VSee and not be liable for HIPAA fines even if VSee did not offer a BAA to their customers.

Conclusion: VSee can be configured to be HIPAA compliant.

About the author

Hoala Greevy

Founder CEO Paubox. Kayak fishing when I can.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader