GoToMeeting is a web-hosted app for virtual meetings by LogMeIn. You can use it for online meetings, video conferencing, voice calling, screen sharing, and more.
It can host up to 100 participants, and you can record the sessions. One of the best features of GoToMeeting is its application-sharing option that allows you to share only a specific app instead of the whole screen.
This video meeting solution seems to have a great potential for use in telehealth and telemedicine. We’ll explore if GoToMeeting is a viable solution for healthcare professionals and if it meets all the HIPAA standards. Any collaboration tools used in healthcare must comply with Health Insurance Portability and Accountability Act (HIPAA) requirements. One platform many people use for virtual collaboration and communication is GoToMeeting, a web-hosted app by LogMeIn that features online meetings with up to 100 participants, video conferencing, voice calling, screen sharing, and more. But, does GoToMeeting have the potential for telemedicine use thanks to HIPAA compliance?
We’ll explore if GoToMeeting is a viable solution for healthcare professionals and meets HIPAA standards.
For GoToMeeting to be HIPAA compliant, it needs to align with the Security Rule.
When using a telemedicine solution to store and transfer protected health information (PHI) or through electronic means (ePHI), you must guarantee that the platform adheres to HIPAA’s Privacy and Security rules.
As a third-party application, GoToMeeting does not guarantee automatic HIPAA compliance, but the app can be HIPAA compliant by enabling HIPAA-prescribed safeguards.
The first step to make GoToMeeting HIPAA compliant is to enter into a business associate agreement (BAA). As a business associate (BA) and owner of GoToMeeting, LogMeIn signs a BAA with you, a safe indicator that the app has the necessary safeguards for compliance.
Here are GoToMeeting’s technical measures that guarantee full HIPAA compliance through the Security Rule and Privacy Rule:
User Authentication
Account managers use unique emails and passwords to log into their GoToMeeting accounts. GoToMeeting also issues unique meeting codes with password protection to prevent unauthorized access. Meeting organizers can restrict attendance to certain people, and only invited participants can enter the meeting. Participants cannot modify the presented apps and data when a host shares a screen unless the host allows it.
Access Controls
Similar to authentication, access controls prevent unauthorized access to ePHI.
Organizers control GoToMeeting access in the following ways:
- Keeping unwanted guests out with security features such as one-time passwords and meeting lock
- Administrators use their unique emails and passwords to access accounts
- Setting up automatic logoffs after a period of inactivity
- Encrypting meetings - participants must enter a special code to join the meeting
- Administrators may remove a participant
- Administrators may disable recordings, in-session chat, and more
Audit Controls
Audit controls monitor access to ePHI. GoToMeeting logs all activities within the app, maintaining an audit trail prescribed by HIPAA. By tracking activities, it’s easier to identify breaches and other unauthorized access. Admins have web-based access to these logs and other reporting tools.
Integrity Mechanisms
GoToMeeting uses Amazon Web Services (AWS) to implement integrity mechanisms, ensuring no altercation or damage happens to ePHI. The integrity of ePHI transmitted through GoToMeeting is easy to protect as the platform doesn’t allow the sharing of files. Admins can share their screen showcasing PHI, and they can choose not to share keyboard and mouse control with participants, ensuring that it remains unaltered.
GoToMeeting implements HMAC-SHA-1 message authentication codes to safeguard all data transmitted within the platform.
Transmission Security
Transmission security protects ePHI in transit. GoToMeeting adheres to this security by using industry-standard AES 256-bit encryption.
GoToMeeting can be HIPAA compliant, but doesn’t have all the safeguards in place by default. As a covered entity, it’s your responsibility to make sure you are using the app in a compliant way; LogMeIn provides a guide on how to do so.
While GoToMeeting is HIPAA-compliant after taking certain steps, its use as a telemedicine platform has downsides because it lacks features a healthcare practice needs for success.
GoToMeeting is a secure, HIPAA-compliant platform, but doesn’t offer much as a telemedicine solution.
When offering telemedicine, it’s crucial to look for vital features to help streamline your remote care practice. Being HIPAA compliant is of top priority. Even though GoToMeeting can be HIPAA compliant, its platform lacks the characteristics of a telemedicine solution.
Here are some problems you might encounter if you decide to use GoToMeeting for telemedicine:
Cannot Send Files
In a remote healthcare setting, you and your patients may need to exchange various documents before, during, and after virtual appointments. Unfortunately, you can’t do this on GoToMeeting.
GoToMeeting allows users to share their screen to show files such as images or documents for participants to view. However, you cannot send files to participants, which is a major downside since viewing is not always enough unless a participant takes a picture of the shared screen, which can be a HIPAA violation.
You may need to give your patient a prescription, share lab results, or instructions on treatment, and if you’re using GoToMeeting, you can’t do that — you have to find another telemedicine solution that can transmit files, have your patient visit the office, or use regular mail, all of which can be time-consuming.
Telemedicine-specific solutions like Curogram allow you to share documents in a HIPAA-secure way, both with your patients and internally. Curogram’s platform digitizes standard forms for patients to open using their smartphones and even e-sign them. With Curogram, you can send various post-visit files with a click, such as prescriptions, special instructions, and others. There’s no need to waste time printing and scanning papers.
Also, you can send your patients web-based intake forms in advance of a telemedicine appointment to save you both time. These forms automatically come back to your EHR system as PDFs.
No Virtual Waiting Room
The waiting room is an integral part of any doctor’s office, regardless of whether an in-person or virtual consultation. A virtual waiting room is an indispensable way to queue your patients and get them ready for appointments.
Although GoToMeeting offers a secure, HIPAA-compliant video conferencing platform, it doesn’t have a waiting room. Doctors and other medical staff can’t see who’s waiting for their virtual appointment in a single place. They have to click each channel to see if the patient has logged in.
Not many telemedicine solutions offer a virtual waiting room, but Curogram has it.
Curogram provides a virtual waiting room that helps you line up your patients and streamline the whole process. You can see how many patients are waiting and who they are. Moreover, medical staff can join them in the waiting room to prepare them for a virtual visit, and healthcare providers can see if the patient is ready or still undergoing the intake process.
The virtual waiting room brings order into your workday and makes the telemedicine experience similar to in-patient visits.
Unable To Support Healthcare Workflows
GoToMeeting dedicates a page on its website promoting its HIPAA-compliant video conferencing and meeting tools for healthcare providers and organizations to stay connected. But with telemedicine, you need more than a communication tool.
GoToMeeting doesn’t support established clinic workflows. It presents challenges when providers are coming in and out of calls. Once the host leaves the meeting, the call is over. That is a problem if you want to recreate your staff’s usual duties online.
With GoToMeeting, you need to involve multiple meeting links — one for the medical staff, another for the doctor or healthcare provider, and potentially even a third to wrap up the visit. Multiple processes for a single virtual visit may discourage patients from using your telemedicine services.
Curogram mimics in-person appointment procedures in a virtual setup. The patient doesn’t have to worry about multiple channels. When they schedule the appointment, they get one visit link. At their appointment time, all they have to do is click the link, and it takes them straight to your waiting room. From there, your staff can proceed to guide them through the process as they would in person.
Moreover, Curogram’s platform supports multi-provider visits, enabling several medical professionals to be present at one virtual appointment. Some doctors like to have assistants to take notes while they talk to the patient; Curogram can arrange this setup.
No EHR Integration
One of the major disadvantages of using a non-healthcare-specific telemedicine solution is the lack of electronic health record (EHR) integration, a systemized collection of stored health data in a digital format. With an EHR, your team doesn’t have to enter data twice in your system; they just have to update the record. Unfortunately, GoToMeeting doesn’t offer EHR integration.
You need a platform that integrates with almost any EHR; Curogram does, and quickly. Curogram integrates with your EHR in around 48 hours.
Unable To Send Automated Appointment Reminders
Patient appointments keep your medical practice running. That is why you need to have a practical way of reminding your patients of their telemedicine visits. Virtual appointments are much easier to forget because the patient doesn’t need to get there physically. All they have to do is connect through their device of choice. And although GoToMeeting offers a secure platform for online consultations, you can’t send automated appointment reminders to patients.
With no option for automated reminders, staff members have to waste their time calling or texting each patient. That can be challenging since they could make mistakes and jumble up your schedule.
With Curogram, you won’t have to worry about missed appointments. Curogram’s platform generates visit reminders automatically. You set up the frequency and type of messages. Your patients receive these via secure text message (SMS), which is almost a guarantee that they will read it in time as the open rates for SMS are as high as 98%.
Your medical practice needs a solution dedicated to telemedicine, not a HIPAA-compliant yet feature-lacking option like GoToMeeting.
GoToMeeting is well-suited for businesses working remotely. Its online video conferencing platform takes HIPAA compliance seriously and has measures to meet all the physical, technical, and administrative safeguards of HIPAA.
However, telemedicine requires more than a HIPAA-compliant video system — you need a feature-rich platform dedicated to making a remote healthcare practice run smoothly.
And you don’t want to run into any problems, such as a lack of patient acceptance towards virtual visits.
Your patients may feel reluctant to try telemedicine, but you can show them that it is time-efficient and much more convenient than physical visits in many cases. But, if you decide to use a non-healthcare-specific solution such as GoToMeeting, it could sour their experience quickly because of its lack of easy use.
Your patients don’t want to waste time dealing with multiple links and having to use multiple communication channels — one for scheduling, another for the appointment, and another for safe ePHI transfer, etc.
With Curogram, your patient satisfaction levels can go through the roof because of its simple process. Even older patients have a trouble-free experience, hopping on a call and going through the appointment online quickly.
Your staff could need some time to figure out how to transfer their general duties to the online telemedicine platform. But it doesn’t have to be a difficult transition when you avoid software that doesn’t feature everything they need in one place.
For example, Curogram is such an easy-to-use program that your staff will feel comfortable quickly using the secure, HIPAA-compliant staff-to-staff communication feature. . Curogram even creates HIPAA-secure group chats. Plus, the 2-way, HIPAA-compliant text messaging maintains accessible communication with patients and safe PHI transfer, and works similar to how they send text messages in daily life — there’s no learning curve.
Your medical practice needs the right telemedicine solution with vital tools to help you and your staff deliver remote healthcare to patients without concerns over the security and confidentiality of health data. You may find a HIPAA-compliant platform in GoToMeeting, but it won’t address everything you need for telemedicine.