For healthcare practitioners, an interactive whiteboard app can help visualize patient care and treatment. However, as with all methods of healthcare technology, an important issue is keeping digital tools safe and HIPAA compliant.
Everyone in the digital health sphere must be HIPAA compliant to avoid HIPAA violations and ensure that patients' protected health information (PHI) remains safeguarded. The HIPAA industry is vast, and it is vital to keep all software secure, including whiteboard apps.
HIPAA and HIPAA compliant business associates
HIPAA is U.S. legislation created to improve healthcare standards. The Privacy Rule sets the guidelines on the use and disclosure of patients' data. And the Security Rule sets the necessary administrative, technical, and physical safeguards to defend PHI.
The idea is to restrict access to PHI and monitor how it is communicated. Covered entities and their business associates must be HIPAA compliant to protect patients' rights and privacy.
A business associate is a person or company that performs certain functions or activities that involve the use or disclosure of PHI. Healthcare organizations must have assurance that the information is protected through a signed business associate agreement (BAA). The BAA demonstrates that a business complies with HIPAA's rules.
A whiteboard app would fall into the category of a business associate, and the company would need to sign a BAA.
HIPAA and whiteboard apps
A virtual whiteboard is an interactive learning space that can be used in real-time. Practitioners and patients can connect virtually or in person with a whiteboard. The technology allows users to simultaneously view needed information and occasionally update simultaneously.
Read more: A software guide for new therapy practices
Some teletherapy and record-keeping platforms have integrated whiteboard functions. Digital whiteboard tools can be helpful to:
- Visually explain concepts
- Track progress
- Present charts and X-rays
- Facilitate certain treatment exercises
These platforms support providers in meeting patients near and far, extending the reach of an organization. Moreover, they can offer patients more convenience and better patient care.
What whiteboard apps are HIPAA compliant?
Many whiteboard apps or apps that include whiteboards are available, but not all meet HIPAA requirements of encryption, data storage, and access controls. Nor will all whiteboard apps provide HIPAA compliance through a signed BAA. We've researched to see which companies will sign a BAA and, therefore, may be HIPAA compliant.
Google Jamboard, launched in 2016, is an interactive whiteboard designed for cross-platform collaboration and is part of Google Workspace. We checked Google for mention of their ability to sign a BAA for Google Jamboard. We found a Google Workspace Administrator Help article called HIPAA Compliance with Google Workspace. In the article, Google points out: "Administrators must review and accept a BAA before using Google services with PHI. Google offers a BAA covering . . . Google Jamboard."
As the collaborative digital canvas for Microsoft 365, Microsoft Whiteboard allows team members to share ideas within a visual workspace. We checked Microsoft's website and found a HIPAA-related web page. The page is a bit confusing but outlines each Microsoft product that is considered in scope for the Microsoft BAA. Four versions of Microsoft 365 can be HIPAA compliant by being included in the BAA:
- Office 365 (Commercial)
- Office 365 Government Community Cloud (GCC)
- Office 365 Government Community Cloud – High (GCC High)
- Office 365 DoD (DoD)
TigerConnect is a communications platform that allows users to send secure messages, photos, videos, notes, and voice recordings through their TigerText service. TigerConnect specifically designed its product with healthcare workers in mind. TigerConnect will sign a BAA with their users.
What whiteboard apps may be non-compliant?
Some whiteboard apps do not appear to or won't sign a BAA:
- Lucidspark (could not find any information about HIPAA)
- Miro (currently won't sign a BAA)
- Scribble Together (could not find any information about HIPAA)
The list of whiteboard apps or apps that include whiteboards is extensive. It is ultimately up to every healthcare organization to know who they partner with and ensure HIPAA compliance.
Technology use that is smart, safe, and HIPAA compliant
One thing that cannot be forgotten while healthcare access to digital technologies grows is the HIPAA Act. Penalties for violations can be significant, depending on the breach itself. Always prioritize HIPAA compliance when choosing digital tools, as the safety and privacy of your patients' information are paramount.