Becoming HIPAA Compliant on Zoom for Occupational Therapy Telehealth and Meetings

Occupational therapists fall under the covered entity designation for HIPAA when they render services with their clients. As advances in technology continue and occupational therapy moves into the virtual space, it is important to be compliant with the latest laws, such as HIPAA.

Covered entities under HIPAA are individuals or entities that transmit protected health information for transactions for which the Department of Health and Human Services has adopted standards (see 45 CFR 160.103).

As an occupational therapist student, sole proprieter practicing under your name, DBA/FBN, LLC, or other company either in private practice, consulting, education, or another purpose — it’s likely that you need to adhere to HIPAA standards.

By the way, if you are regularly using Zoom for “business-related” purposes, I would consider subscribing instead of using the personal plan (free) as I am not sure if this would violate their ToS. A zoom subscription is relatively affordable if you use it regularly and is likely able to be written off as a business expense for tax purposes.

You may need to obtain an NPI number as well.

Disclaimer: Now I am by no means an expert on this topic and if you are unsure, you should consult with an attorney or consultant who is familiar with HIPAA in the particular state that you practice in.

The process of becoming HIPAA compliant on Zoom is fairly straightforward.

Steps

Subscribe to a healthcare provider plan (choose from dropdown instead of general plan) on zoom (any plan besides personal) has this offering. As prices with any business will change with time, I won’t quote specific pricing, but Zoom is competitive and their healthcare option is not going to be much more expensive than a non-healthcare subscription.
Read the Business Associate & HIPAA agreement.
Agree to the Business Associate & HIPAA agreement.
Comply with the most up-to-date HIPAA and state law where you practice when using Zoom with clients and discussing and/or transmitting protected health information.

Follow best-practice for digital security, privacy, and HIPAA-related matters including locking your workstations, not sharing your computer or Zoom password, not sharing protected health chats, transcripts, files, or Zoom recordings without consent, and so on.

Always obtain consent before recording or using client’s faces for branding/marketing, education, or even just saving to your computer or to the cloud. I have not played around with Zoom too much but they also offer a Cloud saving option and it would be interesting to see how this is seen in the eyes of HIPAA — but that’s a topic for another day.

Hope this helps!

DISCLAIMER

All information provided by OT Dude is for educational purposes only and must never be considered a substitute for medical advice provided by a physician or other qualified healthcare professional. Always seek the advice of your physician or other qualified health professional with any questions you may have regarding a medical condition. Our content does not replace the relationship between your physician or any other qualified health professional.

OT Dude is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.

OT Dude does not offer a substitute for professional legal or tax advice. If you have questions about your tax liability or concerns about compliance, please consult your qualified legal, tax, or accounting professional.

OT Dude does not make any warranty or guarantees with respect to the accuracy, applicability or completeness of accessible content. Under no circumstances will OT Dude be responsible or liable in any way for any content, including but not limited to any errors or omissions in the content or for any direct, indirect incidental or punitive damages arising out of access to or use of any content made available.

All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them. The content presented or generated by OT Dude are either my personal views or derived from an external resource and referenced when possible.

Affiliate links or relationships will be disclosed if there is any compensation for products mentioned on our site.

Ads are displayed throughout this website to provide you with free content. OT Dude does not endorse the companies, products, or services displayed in these ads.