FaceTime Calls Are Doctor-Patient Friendly

MacRumors · Sep 21, 2011

Calls made using Apple's video chat program, FaceTime, are encrypted end-to-end and -- with the right setup -- are HIPAA compliant, according to a statement from the company obtained by ZDNet.

This matters because any products for healthcare purchased with federal funds must be HIPAA-compliant. HIPAA, or the Health Insurance Portability and Accountability Act, was a large health-care bill passed in 1996, that, among other things, instituted wide requirements and guidelines surrounding patient privacy and confidentiality.

Keeping Protected Health Information, or PHI, safe and secure is essential for healthcare providers and FaceTime meeting those requirements allows hospitals to not only purchase iPads with federal funds, but it allows doctors to use FaceTime to confer with colleagues about patient issues and to talk directly to patients remotely.

However, to be truly compliant, hospitals need to have the proper wireless network. The WEP encryption protocol isn't strong enough and Apple recommends WPA2 Enterprise for secure communications:

iPad supports WPA2 Enterprise to provide authenticated access to your enterprise wireless network. WPA2 Enterprise uses 128-bit AES encryption, giving users the highest level of assurance that their data will remain protected when they send and receive communications over a Wi-Fi network connection.

In addition to your existing infrastructure each FaceTime session is encrypted end to end with unique session keys. Apple creates a unique ID for each FaceTime user, ensuring FaceTime calls are routed and connected properly.

FaceTime is available on the iPhone 4, iPad 2, fourth generation iPod touch and Macs running Snow Leopard and Lion. Video chats are available between any and all of these devices.

Apple has aggressively promoted the feature since it was released.

Article Link: FaceTime Calls Are Doctor-Patient Friendly

applesith · Sep 21, 2011

That video is so emotional.

jlgolson · Sep 21, 2011

applesith said:
That video is so emotional.

A famous sales aphorism is "Sell the sizzle, not the steak."

Emotion is Apple's sizzle. It's not about the specs -- it's about what you can do with it.

accessoriesguy · Sep 21, 2011

jlgolson said:
A famous sales aphorism is "Sell the sizzle, not the steak."

Emotion is Apple's sizzle. It's not about the specs -- it's about what you can do with it.

True that, and the ease of use compared to the rest of the industry is a very strong hook. why look elsewhere as long as your needs are met.

I know apple can be stingy with it's Bluetooth peripherals and such, but its simply because that way the products that are compatible, are Compatible and will work.

nagromme · Sep 21, 2011

jlgolson said:
A famous sales aphorism is "Sell the sizzle, not the steak."

Emotion is Apple's sizzle. It's not about the specs -- it's about what you can do with it.

I agree that emotion/style are sizzle, not steak.

But what too few tech companies realize is: a list of specs is ALSO only sizzle. What you can DO with the product, and how well, and how easily, is the steak!

Look at cameras that list high megapixels (sizzle) but take poorer pictures (no steak). Or Android tablets that claim Flash (sizzle) even though it doesn’t work well, while there are almost zero truly excellent tablet-scale apps to use (no steak).

LastLine · Sep 21, 2011

jlgolson said:
A famous sales aphorism is "Sell the sizzle, not the steak."

Emotion is Apple's sizzle. It's not about the specs -- it's about what you can do with it.

To be honest, this is the keystone of any successful sales pitch - 'typical' people don't care their computer has 4 cores, 4 gigs of RAM and a speedy graphics chip. They care that it lets them edit their home movies, email their loved ones, store their photos safely etc etc.

It's not what you've got. it's what you can do with it. Apple win at this.

bushido · Sep 21, 2011

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_5 like Mac OS X; de-de) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8L1 Safari/6533.18.5)

never used facetime on any of my 4 iDevices ^^

IzzyJG99 · Sep 21, 2011

Wow. That was a really emotional and good commercial. Especially the end with the deaf couple.

comegetsome · Sep 21, 2011

Apple's pitch for end to end encryption in FaceTime because of HIPAA

Great sales pitch but let's get things straight :

At this moment there are no stated rules within HIPAA Security Rule with regard to encryption for videoconferencing. Yeah I know its crazy and it should be, but the bottom line is : videoconferencing between a covered entity and an individual that does not involve data storage, recording, or archiving is not subject to the HIPAA Security Rule since the transmission is not considered electronic protected health information. So much for the marketing end to end encryption of the video to make it HIPAA compliant. Its good to have but not required by HIPPA

. So much for advertising using the big bad HIPAA as a pretext.

If the iOS device is used to store PHI or access it through a network then the security of the device itself and the access to the PHI is in play and needs to be adressed. The problem is the device not the videoconferencing application...

I'd be more scared of people stealing the doctor's iOS device and perusing my PHI then a hacker that would try to hack a hospital network and or the doctor iOS device to listen in on a videoconference. Too much work for little gain.

Bottom line

MacinDoc · Sep 21, 2011

Great, but I wouldn't normally share my phone number with patients, in order to protect my family's privacy, and most docs I know have similar opinions. Of course, there are always exceptions, depending on the circumstances.

spillproof · Sep 21, 2011

MacinDoc said:
Great, but I wouldn't normally share my phone number with patients, in order to protect my family's privacy, and most docs I know have similar opinions. Of course, there are always exceptions, depending on the circumstances.

No need. FaceTime can be called using an email address.

alphaod · Sep 21, 2011

What's with the Asian girls hooking up with white dudes for citizenship?

AmpSkillz · Sep 22, 2011

bushido said:
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_5 like Mac OS X; de-de) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8L1 Safari/6533.18.5)

never used facetime on any of my 4 iDevices ^^

Awww... hang in there buddy

----------

MacinDoc said:
Great, but I wouldn't normally share my phone number with patients, in order to protect my family's privacy, and most docs I know have similar opinions. Of course, there are always exceptions, depending on the circumstances.

i think its more for a physician to consult the patient in the hospital from his device to the hospitals device when he is not on site, not necessarily for you to facetime a patient at home

sort of why they mention the hospital wifi encryption which patients would not have access to

Manderby · Sep 22, 2011

We had a project recently about sharing video and image information for medical purposes. It was canceled simply because if there was just one single false diagnosis ever because for example of wrong color correction, false illumination, a compression artifact, a miscolorization of the lense, false perspective, heck even just holding the device rotated by an angle, etc, there would be lawsuits up their asses. Remote diagnosis is not going to happen very soon. At least not with doctors which are serious about medicine.

mkrishnan · Sep 22, 2011

AmpSkillz said:
i think its more for a physician to consult the patient in the hospital from his device to the hospitals device when he is not on site, not necessarily for you to facetime a patient at home

Actually a lot of telehealth interest has to do with patients who live too far away from specialists. NPR did a piece on neurologists specializing in Parkinson's doing videoconferencing with patients in a remote part of the NE who were just too far away from a Parkinson's specialist.

When I did telehealth, it involved providing services from a doctor's office to a doctor's office -- I was at our main clinic and the patients were at a local doctor's office where the VA had put the hardware, but they didn't have the specialist available to see them. A lot of times they do this so someone can do something like get blood pressure or heart rate, if necessary, and also so that there are less IT issues.

Otherwise, the other typical scenario is that the doctor is at his/her office and the patient is at their home.

I guess I could see the scenario where the doctor is the one at home... that would probably mostly be videoconferencing between providers, like two surgeons talking about a case, with one surgeon in an operating theatre and the other one, who has the subject expertise, perhaps at home.

EDIT: Apple's compelling offer is that they're end to end, and all this is installed on the computers already, not to mention interoperable with iOS devices. Otherwise, webcam videoconferencing is one of those ridiculous things where almost everyone has the hardware and almost no one does it.

philiplipetz · Sep 22, 2011

Who at Apple should we contact about TeleHeath?

Consultant · Sep 22, 2011

comegetsome said:
Great sales pitch but let's get things straight :

Bottom line, you signed up just to post an unsubstantiated opinion.

MacinDoc said:
Great, but I wouldn't normally share my phone number with patients, in order to protect my family's privacy, and most docs I know have similar opinions. Of course, there are always exceptions, depending on the circumstances.

You know that you can get a new number / email ONLY for hospital purposes?

interrobang · Sep 22, 2011

comegetsome said:
At this moment there are no stated rules within HIPAA Security Rule with regard to encryption for videoconferencing. Yeah I know its crazy and it should be, but the bottom line is : videoconferencing between a covered entity and an individual that does not involve data storage, recording, or archiving is not subject to the HIPAA Security Rule since the transmission is not considered electronic protected health information. So much for the marketing end to end encryption of the video to make it HIPAA compliant. Its good to have but not required by HIPPA . So much for advertising using the big bad HIPAA as a pretext.

http://ecfr.gpoaccess.gov/cgi/t/tex...8&view=text&node=45:1.0.1.3.77.3.27.6&idno=45

A covered entity must, in accordance with §164.306:
[...]
(e)(1) Standard: Transmission security. Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.

comegetsome · Sep 22, 2011

Not an unsubstantiated opinion... if you have better facts put them out there

Consultant said:
Bottom line, you signed up just to post an unsubstantiated opinion.

My 'opinion' was guided by the facts that existing rules within the HIPPA security rule are based on the notion of electronic protected health information and that interactions with a patient through videoconferencing doesn't necessarily fits into this unless you record it (or other data) and stored it on an electronic information systems that maintain protected health information. It all boils down to defining what is personal health information... and where its stored and accessed.

I am not a HIPPA expert (I am from Canada- insert joke here) but I have been a member of the American Telemedicine Association (ATA) for the last 4 years, currently a professor at a school of medicine and I have been directly involved in multiple clinical trials of in home telecare based on videoconferencing for the last 7 years. I know a bit about telemedicine, its context of use and technology. I don't know however all of the intricacies of HIPPA.

The same question on the need for encryption of videoconferencing in HIPPA was raised in a discussion forum at ATA. Nobody from that pool of 'experts' could come up with a clear statement within the HIPAA security rule that specify the need for encryption of videoconferencing. Multiple people in that discussion forum put forward references that videoconferencing was excluded from the security rules because :

"paper-to-paper" faxes, person-to-person telephone calls, video teleconferencing, or messages left on voice-mail were not in electronic form before the transmission, those activities are not covered by this rule".

We couldn't find this statement in the HIPPA rule but it is also referenced on
the American Speech-Language-Hearing Association (ASHA) website:
http://asha.org/practice/reimbursement/hipaa/securityrule.htm

I was thus not expressing a 'unsubstantiated opinion'.

It was however a jab at a marketing campaign from a vendor that exploits something that is still not clearly expressed as a requirement under the existing HIPPA security rule. Encryption is good thing in itself, forget about HIPPA.

You have better facts put them out there...

MacinDoc · Sep 22, 2011

Consultant said:
Bottom line, you signed up just to post an unsubstantiated opinion.

You know that you can get a new number / email ONLY for hospital purposes?

Yes, of course, serves me right for posting at the end of a 24 hr shift. Must...engage...brain...before...posting...

JAT · Sep 22, 2011

MacinDoc said:
Great, but I wouldn't normally share my phone number with patients, in order to protect my family's privacy, and most docs I know have similar opinions. Of course, there are always exceptions, depending on the circumstances.

Um, how do the patients make appointments if you don't give out your phone number? Business must be slow.

MacinDoc · Sep 22, 2011

JAT said:
Um, how do the patients make appointments if you don't give out your phone number? Business must be slow.

Patients would not be phoning my office number to use FaceTime; it's hard enough already to get through to book appointments. I was referring to my personal number (my iPhone number is not my office number).

negativzero · Sep 22, 2011

Is that Jason Bourne using an iPhone?

philiplipetz · Sep 23, 2011

There are stated rules within the reimbursement codes that favor encrypted video over non encrypted.

mdelvecchio · Sep 23, 2011

nagromme said:
But what too few tech companies realize is: a list of specs is ALSO only sizzle. What you can DO with the product, and how well, and how easily, is the steak!

sorry, but youre wrong. specs are "features", not the "benefits" (of said features). the sizzle is always selling the benefits, not the features. this is an ad law that predates your existence on the planet. sorry.

FaceTime Calls Are Doctor-Patient Friendly

macrumors bot

macrumors 68030

Contributing Editor

macrumors 6502a

macrumors G5

macrumors 65816

Suspended

macrumors 6502

macrumors newbie

macrumors 68020

macrumors 68020

macrumors Core

macrumors regular

macrumors 6502a

Moderator emeritus

macrumors newbie

macrumors G5

macrumors 6502

macrumors newbie

macrumors 68020

macrumors 603

macrumors 68020

macrumors 6502a

macrumors newbie

macrumors 68040

Our Staff