Is FaceTime HIPAA Compliant? FaceTime for Telemedicine

Posted by Michael Hsu on 5/19/20 5:17 AM
Michael Hsu

FaceTime is Apple’s proprietary app primarily used for video calling, but audio calls are also an option. It is available for iOS and Mac devices, so you can use it on your:

  • iPhone
  • iPod touch
  • iPad
  • Mac computer
  • Apple Watch

Due to the app’s popularity and widespread use, many are wondering if FaceTime can be utilized by healthcare providers for online appointments with patients. To answer that question, we first need to see if the app is HIPAA compliant and what that means for medical professionals.

Is FaceTime HIPAA compliant?

As a HIPAA covered entity, if you need to communicate protected health information (PHI) via a channel, that channel’s provider is considered your business associate (BA). 

A BA needs to enter into a business associate agreement (BAA) with you. This contract ensures that your HIPAA-defined responsibilities for protecting and securing electronic PHI are transferred to your BA as well. In other words, the agreement guarantees that your BA will also adhere to the HIPAA Rules in order to protect sensitive patient data.

Apple doesn’t state anywhere that they would enter into a BAA for FaceTime with anyone. This is not surprising. Most providers won’t sign a BAA for consumer apps because they know these are risky and difficult to control, no matter what kind of protection they use. Enterprise apps are different in this respect since they are aimed at business entities rather than individuals.

FaceTime communication is protected with end-to-end encryption, which means only end-users of the app have access to it, and all data is secure during transit. This is one of HIPAA requirements, but there’s also a rule that requires a BA to have access controls in place. 

Once you set up FaceTime, there are no access and authentication controls whatsoever. Anyone can open the app on your device since no password is required. This might not be relevant since they would only be able to see your call history, but this is still one of HIPAA-required safeguards.

Even if FaceTime satisfied all the HIPAA requirements and had all the required safeguards in place, it couldn’t be made HIPAA compliant. If Apple is unwilling to sign a BAA, the app can’t be considered compliant in the eyes of the law.

The appeal of FaceTime for telemedicine

Even though the app is not HIPAA compliant, it can be used during the coronavirus national emergency. The Department of Health and Human Services has issued a temporary regulation that allows healthcare providers to use non-compliant communication platforms during the COVID-19 public health emergency. 

This was done in an effort to make healthcare services available to everyone online, especially to the older population who are not digital natives and might have trouble using technology.

We understand what makes you consider FaceTime for telehealth purposes in this light. Three factors make it a tempting solution:

  1. It’s free
  2. It’s familiar
  3. It’s easy to use

FaceTime is free (but it lacks functionality)

You won’t have to spend a dime on this app if you own an Apple device as FaceTime is Apple’s proprietary app. This might seem like a good thing because you’ll save money you’d have to pay for a monthly subscription if you opted for another solution. The truth is FaceTime may lose you a lot of money in the long run since it doesn’t offer the functionality that healthcare-specific platforms do.

FaceTime is familiar (but it’s unprofessional)

Most Apple device users are familiar with the app and have already “FaceTimed” at least once. You might believe that this familiarity with the app will reassure your patients and appeal to those less tech-savvy among them. Using a consumer app such as FaceTime could also make you appear less professional. You can find a solution that is both professional and patient-friendly.

FaceTime is easy to use (but there are better and easier solutions)

Mac and iOS device users know how easy it is to use FaceTime. You open the app, find the desired contact, and tap the video or audio call icon. That’s why your patients won’t have trouble using it, even the older ones. 

The app still requires some setting up, though. This might be a bit difficult for your senior patients. Some of them don’t even own an iPhone or another Apple device. You can find a solution that allows you to contact your patients in ways that don’t require them to set up an app at all.

Even though you can use FaceTime during the national public health emergency, we advise against it. You won’t be able to continue using it once the emergency is over, and it can’t offer you what a healthcare-specific, fully HIPAA compliant platform can.

Curogram is a HIPAA compliant platform designed for healthcare providers

You can use FaceTime as a temporary solution, but it’s much better to get a platform designed with medical professionals in mind such as Curogram.

Curogram is a completely HIPAA compliant solution that can help you set up your virtual online clinic in no time. It is an all-encompassing platform that allows you to communicate with your patients using a two-way SMS texting system from your browser. Curogram can integrate with your EHR for interoperability and help you send PHI in a HIPAA-secure way.

With Curogram, your medical practice will thrive, and your patients will be fully satisfied. If you’re still considering FaceTime though, here are some problems that will make you regret choosing it:

  1. FaceTime is available only on Apple devices
  2. You can’t send any media via FaceTime
  3. FaceTime doesn’t integrate with your EHR
  4. FaceTime doesn’t allow you to replicate established workflows
  5. FaceTime is inadequate for multi-person appointments

FaceTime is available only on Apple devices

FaceTime can be used on all Apple devices, but this is not enough. It makes it impossible for many patients who don’t own iOS or Mac devices to have an appointment with you. If a patient owns an Android phone and a Windows PC, they can’t show up for a FaceTime tele-visit. 

This is undoubtedly a serious issue. Many patients will be left out, which will lead to your losing both patients and revenue. It may even result in a bunch of negative reviews for your practice, which will damage your reputation further.

Curogram is a patient-centric platform that doesn’t discriminate. Anyone can join a video appointment as they don’t have to download any apps. Patients get automated visit links that lead them straight to the appointment when they click it. It’s even easier to use than FaceTime. 

Our platform also allows you to message your patients via our HIPAA compliant texting solution, which is a universal communication option regardless of the operative system.

You can’t send any media via FaceTime

This is a major downside of FaceTime. You won’t have to worry about exchanging medical documents in a HIPAA-secure way because you can’t send any files at all! This means that you’ll have to use another platform for document exchange. 

If a doctor needs to look at a patient’s lab results or any other kind of medical report during the appointment, they will have to juggle between different communication channels. The same goes for the patient side.

With Curogram, you’ll be able to exchange medical documents in an easy way that doesn’t compromise PHI. You and your patients can upload documents before or after the appointment, and they will be tied to that appointment in the system. You can forward us any standard forms you wish to send, such as intake forms, and we’ll digitize them for you. Your patients will even be able to e-sign them.

FaceTime doesn’t integrate with your EHR

Our platform also integrates with your EHR to facilitate data management and scheduling. We integrate with over 700 EHRs, and the process is done in less than 48 hours. Other providers will take up to six months to complete an integration, and FaceTime does not even have this option to begin with.

Curogram EHR integrations







Practice Fusion




See More Integrations Here

FaceTime doesn’t allow you to replicate established workflows

If you want your online patient visits to be as efficient as your in-person visits, you have to replicate your physical workflows online. 

During a patient’s in-person visit, they are first greeted and prepared by a nurse. The doctor comes in when the patient is ready, and after the appointment, a nurse or MA comes in again to give them any further instructions or other documents.

With FaceTime, it’s impossible to mimic this process. The doctor will have no way of knowing when the nurse is done with the patient so that they can join the call unless they’re in the same room physically. The nurse would have to let the doctor know in one of the following ways:

  • They would have to end the call, call or text the doctor, and have the doctor call the patient again
  • They would have to use another device to reach the doctor while still on call with the patient

This is impractical and can be frustrating for the patient. An alternative is to have the doctor do the onboarding too, which is a waste of time for the doctor.

With Curogram, you’ll have all the tools to transfer your doctor and staff workflows online. You can send your digitized intake forms to patients days before the appointment. This will save you a lot of time on the day of the visit.

Another useful feature we offer is a virtual waiting room. The staff and doctors will be able to see which patients are waiting for a visit. The doctor can see if a nurse is still with the patient or they need more time. This transparency allows everyone to do their job without hindrances.

FaceTime is inadequate for multi-provider appointments

If more than two people have to be present during an appointment, that can be a problem with FaceTime. Some appointments require several medical personnel present, and sometimes, doctors like to have assistants taking notes for them.

FaceTime allows for group video calls but not for all Apple devices. This imposes yet another restriction on which patients can have a virtual visit with you. Group call limitations also mean that your staff needs to have state-of-the-art Apple devices.

You can bypass all these technical issues by using Curogram. Our platform allows you to have multiple people present at the appointment without experiencing any problems and limitations.




EHR integration



Advanced waiting room management tools



Secure document transfer



In-person workflows



Multi-provider appointments



Curogram makes your transition to telemedicine smooth

One survey shows that clinician adoption of telehealth increased by 340% in 2019 alone. The COVID-19 global pandemic made the adoption rate even steeper in 2020 as more and more people turned online for healthcare services.

If you’re just starting out with telemedicine, Curogram is the perfect platform for you. It will make your transition smooth by offering numerous features other solutions don’t have. Here’s what makes our platform stand out in the crowd:

  1. Patients won’t have trouble using it
  2. Your doctors will love it
  3. It will make it easy to communicate with patients remotely
  4. It will provide your staff with a secure way to communicate internally

Patients won’t have trouble using Curogram

Even the least tech-savvy patients will find it easy to access a virtual visit with Curogram. There are no app download requirements that complicate things. When a patient schedules an appointment, they receive a visit link. All they have to do is click the link to join the waiting room. There are no room codes or similar passwords to enter.

Your doctors will love Curogram

Doctors will love the platform as it will help them focus their time on seeing patients. They won’t have to waste time onboarding patients themselves. They can transition from appointment to appointment in minutes as patients will come ready and staff will take care of all the technicalities. The integration with your EHR will spare them double data entry as it will sync visits with it.

Curogram will make it easy to communicate with patients remotely

Curogram lets you send SMS messages to your patients directly from the web dashboard. You get a local phone number without needing to have a dedicated business device. Whoever among your staff texts a patient, the patient will receive the message from your unique number.

You can send smart appointment reminders that can be customized for the visit type, sending time, and more. Reminders are essential in telemedicine because people are much more likely to forget an online appointment than a physical one. You can also save template texts for answering frequently asked questions.

It’s important to note that these are two-way SMS messages that your patients can reply to. This is much better than generic one-way notifications because your patients can text you back instead of wasting theirs and your time by calling. Our SMS messaging system has slashed some of our clients’ call volume in half.

Curogram will provide your staff with a secure way to communicate internally

Remote work means your staff needs to have a secure way to communicate internally. If you don’t provide them with one, they’ll end up using WhatsApp, Messenger, and similar platforms. This is bad news for three reasons:

  • These apps are not HIPAA-secure
  • PHI will end up on your staff’s personal mobile devices
  • Spending more time on their phones means being exposed to more distractions

With Curogram, you can make group chats where your employees can communicate about work-related things or anything else. They can also exchange patient data using the platform in a completely HIPAA-secure way as all communication is encrypted.

Our platform is super flexible regarding communication. While chatting with patients, they can forward each other patients’ messages and involve their colleagues in these chats.

Three problems you may experience in the first week of remote work

Starting out remote work can be challenging, especially for healthcare providers. Choosing an inadequate consumer app such as FaceTime can make it even harder for everyone. Here are three problems you might experience in the beginning:

  1. Fewer patients
  2. Stressed out doctors and staff
  3. A drop in revenue

Fewer patients

Remember that the transition is not only difficult for you but also for your patients. If they have problems using your telemedicine solution, they will give up on the appointment altogether. You also need to be mindful of the fact that patients need reminders closer to the appointment. If they are immersed in another activity, they can easily forget about the visit and never show up.

You can set up Curogram’s smart reminders to be sent to patients 15 or 30 minutes before the visit automatically. Curogram is currently sending 500,000 reminders a month and reducing no-shows by 75%. 

Stressed out doctors and staff

Your employees will need time to adjust to their new work environment. You can help them out by fostering a close-knit community via your telemedicine platform and letting them know that they can ask for help if they need it. You may also consider establishing remote work policies that will help them better organize their workstation at home.

A drop in revenue

Doctors can typically see up to 40 patients a day. This number tends to drop to only a couple of patients when a clinic adopts an inappropriate telemedicine platform. If you have fewer patients, your revenue will drop significantly.

Curogram’s support of staff and doctors’ workflows will make the visits more efficient. Patients will come prepared, and doctors won’t have to spend more than 15 minutes per visit. This will allow them to see as many patients as they would be able to in person, if not more.

Wondering if other solutions are HIPAA compliant?

Are they HIPAA compliant?

Is Zoom HIPAA Compliant?

Is RingCentral HIPAA Compliant?

Is WhatsApp HIPAA Compliant?

Is Google Hangouts HIPAA Compliant?

Is Skype HIPAA Compliant?

Is GoToMeeting HIPAA Compliant?

Is Google Voice HIPAA Compliant?

Is HelloFax HIPAA Compliant?

Is eFax HIPAA Compliant?

Is Facebook Messenger HIPAA Compliant?

Is Email HIPAA Compliant?

Is Texting HIPAA Compliant?

Is Slack HIPAA Compliant?


Topics: HIPAA, FaceTime

Patient 2-Way Texting

Curogram provides “All-In-One” texting and HIPAA compliant messaging platform for independent practices, physician groups, and clinically integrated networks.

Subscribe Here!

Recent Posts