How do we meet HIPAA privacy and security standards?
For clients who qualify, Michelle Dougherty RD offer video counseling. This means that we can conduct your session over a webcam with you sitting comfortably in your own home.
Most common video conferencing programs don't provide the security that our clients deserve so we use a fully HIPAA-compliant platform that protects your information and prevents any video data from being recorded or duplicated.
Technical aspects of the Michelle Dougherty RD video counseling service:
- 256-bit AES-encrypted signaling and media stream
- 256-bit SSL-encrypted administration
- 128-bit AES-encrypted full database encryption using BitLocker
- Dedicated data center cage with biometric security, with no reliance on third parties for any routine network maintenance or management
- Each session participant has his/her own individual session access code, which provides granular access and auditability
- Auditing of all system logins and actions by IP addresses and user agents
- No passwords are stored on our system; we store salted one-way password hashes only
- No Protected Health Information (PHI) is stored on our system
- We have no capability to record or store any video counseling
- Emails sent from our system, such as invites, notifications, and reminders, never include any PHI
- For additional PCI compliance, no credit cards are stored on our system, nor does any credit card information pass through our system in unencrypted form; all credit card information is vaulted at our PCI-compliant merchant gateway
- Our media streams run point-to-point by default, instead of through a relay, which results in the videoconferencing streams not transiting our infrastructure in the vast majority of technical scenarios. We do use a secure relay when necessary, as in the case of multiple Network Address Translation (NAT) devices situated between the endpoints.
If you would like to find out more about video counseling please get in touch with us.