Yes, GoToMeeting is HIPAA compliant. This service provides security features that adhere to HIPAA regulations for the healthcare industry.
GoToMeeting provides technical, physical, and administrative safeguards for online meetings and videoconferences. According to the GoToMeeting website, these security controls meet or exceed HIPAA technical standards. One of these features is end-to-end encryption. All data in transit uses AES 128-bit encryption, including chat information, audio, and video files.
Additionally, logs of session activity and account connection create an audit trail for HIPAA compliance. Account managers can access management and reporting tools to see account activity. When an account is inactive for a certain period of time, an automatic log-off feature requires a new login before the information can be accessed again.
Only authorized individuals can access accounts. Access security features include password protection and unique meeting codes. Meeting organizers have full control over who can join each meeting. GoToMeeting verifies a user’s identity through a unique email address and password.
Covered entities must enter into a Business Associate Agreement (BAA) with GoToMeeting before using these services for protected health information. Once this BAA is in place, and the client correctly configures their account security features, these videoconferencing tools are HIPAA compliant.
