Zoom HIPAA Compliant Conferencing Service

Northwestern will be providing a secure HIPAA compliant service for web conferencing. Please review the differences between northwestern.zoom.us and northwestern-restricted.zoom.us before requesting to switch to the Zoom HIPAA compliant conferencing service. To request a HIPAA compliant Zoom account - email consultant@northwestern.edu with your name, email address, netid and request the account. Due to the requirements of converting your existing account to your HIPAA account, a consult is required before the process can be completed. This is to ensure that the impact of changing is clear in how it affects your previous account and how you can use the new HIPAA account.

 

Request a Zoom HIPAA Account
Each account request will result in a brief consultation to ensure there is a clear understanding of the differences between NU Zoom and NU Zoom HIPAA. Email consultant@northwestern.edu with the request for a Zoom HIPAA account.

After the brief consultation, you will receive an invitation via email to join the HIPAA-compliant version of Zoom. After clicking on the invitation email to confirm the account change, you will be able to login using your Northwester NetID and password to https://northwestern-restricted.zoom.us

 
Benefits
Zoom Meetings for HIPAA provides a secure conferencing service when discussing sensitive patient data while retaining most of the same functionality Zoom Meetings has to offer. Despite using a different URL, Zoom HIPAA is still integrated with your existing Northwestern NetID, eliminating the need to manage additional accounts.
 
Changing from regular to Zoom to HIPAA Zoom
When using a ZOOM HIPAA account on northwestern-restricted.zoom.us, you are no longer in the standard NU Zoom environment and will be unable to:
  • Existing Meetings will transfer to the new HIPAA service
  • Alternative Hosts assigned to those meetings cannot join as Co-Hosts
  • Existing recordings DO NOT transfer - be sure to download your videos if needed
  • Recordings will not transfer to Panopto automatically as they do with regular Zoom at northwestern.zoom.us
    • Be sure to download all recordings as necessary
* If you accidentally login to northwestern.zoom.us, you will be asked to move/switch your account.  If you confirm, your account will leave the HIPAA Zoom service and move back to the regular Zoom service. To fix this, submit a ticket to consultant@northwestern.edu and we will re-invite you to the HIPAA service.

 

Limitations
Zoom only permits one email address for your account. An existing NU Zoom account email address cannot exist in both instances at the same time. If you want to keep your existing NU email with the main Zoom instance, you would need a second email account for the HIPAA compliant Zoom service. We will discuss the differences and changes needed to use Zoom HIPAA in detail during the consultation.
 
HIPAA Compliance
If you require HIPAA-compliant Zoom services, several features are disabled in order to comply with HIPAA standards. There are many services that are different than in the regular NU Zoom environment. Please be aware of the following differences between Zoom Meetings and our HIPAA instance:

 

Feature Description Status Reason Implications
Cloud Recordings Record meetings and automatically process and store them in the cloud. Disabled Required by Zoom Local recordings do not receive the automatic transcript file process.
Local Recording Permissions (Hosts) Hosts can record sessions directly to their computer Enabled    
Local Recording permissions
(non-Hosts)
Hosts cannot give permission to participants to record locally Disabled  HIPAA privacy Hosts recordings would need to provided manually

Recording Disclaimer
 
All participants must give consent to be recorded, otherwise they cannot participate in the meeting. Enabled Required by Zoom Refusing consent prevents meeting participation
Meeting Passcode All meeting types and entry points must be passcode protected. Participants joining by phone may enter using either the meeting passcode or their assigned Participant ID number.  
Required
Prevent uninvited participants from randomly entering your meeting by ID number Some participants may need to enter the password when joining without using the one-click join URL.
Waiting Room Guests cannot join a meeting until a host admits them individually from the waiting room.
Required
Prevent unknown guests from joining meetings that may contain sensitive data. The option for attendees to join the meeting before the host arrives is disabled.
Require Encryption for 3rd party endpoints (H.323/SIP) Zoom requires encryption for all data between the Zoom cloud, Zoom client, and Zoom Room. Require encryption for 3rd party endpoints (H323/SIP).
Required
Required by Zoom Participants may be unable to join meetings from SIP devices.
Personal Meeting ID A dedicated Meeting ID for each account
Disabled
  All meetings must be newly generated meeting ID's
Identify guest participants in meeting/webinar Guests (someone who does not belong to the BU HIPAA account) will be highlighted in the participants list of a meeting or webinar.
Required
Improved awareness of who is currently in a meeting that may contain sensitive data.  
Auto saving chats Automatically save all in-meeting chats so that hosts do not need to manually save the text of the chat after the meeting starts.
Disabled
Prevent data from being transmitted to or stored on a non-compliant endpoint or environment. Chats can be saved manually before the meeting ends.
Private Chat Send chat messages in-meeting privately to others
Disabled
Prevent private messages from being sent Chat is publicly viewable by all participants
File Transfer Hosts and participants can send files through the in-meeting chat.
Disabled
Prevent data from being transmitted to or stored on a non-compliant endpoint or environment.  
Live Streaming Allow hosts to live stream their meetings to Workplace by Facebook or Custom Live Streaming Service.
Disabled
Prevent Restricted Use Data from being transmitted or stored in non-approved environments.  
Play sound when participants join/leave Sound will be heard by host when participants join or leave.
Enabled
Improved awareness of who is currently in a meeting that may contain sensitive data.  
Remote Control During screen sharing, the person who is sharing can allow others to control the shared content.
Disabled
Prevent unauthorized access to endpoints with HIPAA or Restricted Use Data.  
Far end camera control Allow another user to take control of your camera during a meeting
Disabled
Prevent unauthorized access to endpoints with HIPAA or Restricted Use Data.  
Remote Support Allow meeting host to provide 1:1 remote support to another participant
Disabled
Prevent unauthorized access to endpoints with HIPAA or Restricted Use Data.  
Save Captions   Disabled    
Peer to Peer connections  When 2 people are connected, they connect directly to each other instead of through Zoom's cloud service. Disabled Full encryption requires   

 

 


 

 

Was this helpful?
0 reviews