Is GoToMeeting HIPAA Compliant? Using GoToMeeting for Telemedicine

Posted by Michael Hsu on 5/21/20 6:00 AM
Michael Hsu

Untitled Design (18)

GoToMeeting is a web-hosted app for virtual meetings by LogMeIn. You can use it for online meetings, video conferencing, voice calling, screen sharing, and more. 

It can host up to 100 participants, and you can record the sessions. One of the best features of GoToMeeting is its application-sharing option that allows you to share only a specific app instead of the whole screen.

This video meeting solution seems to have a great potential for use in telehealth and telemedicine. We’ll explore if GoToMeeting is a viable solution for healthcare professionals and if it meets all the HIPAA standards.

Is GoToMeeting HIPAA compliant?

If you want to use a communication app for transferring identifying patient data known as protected health information (PHI), you need to make sure that the solution adheres to the HIPAA regulations. 

These third-party applications can’t be HIPAA compliant in and of themselves, but they can vouch for the safety of your data by entering into a business associate agreement (BAA) with you. This agreement is the first step in adhering to the HIPAA rules.

LogMeIn, as the owner of GoToMeeting, will sign a BAA with you, which is a safe indicator that the app can be made HIPAA compliant. The provider wouldn’t enter into such a contract with anyone if they knew their product doesn’t offer the possibility of enabling HIPAA-prescribed safeguards.

GoToMeeting can be made HIPAA compliant, but bear in mind that it doesn’t have all the safeguards in place by default. You are responsible for making sure that you’re using the app in a compliant way, and luckily, LogMeIn provides a guide on how to do so.

Here are GoToMeeting’s technical measures that can ensure full HIPAA compliance:

  1. Access controls
  2. Audit controls
  3. Integrity mechanisms
  4. User authentication
  5. Transmission security

Access controls

Access is controlled in the following ways:

  • Meeting access is restricted to invited parties only and can be further secured by passwords
  • Administrators use their own unique emails and passwords to access accounts
  • Administrators can also set up automatic logoffs after a period of inactivity
  • There’s no way that anyone can “bomb” your meeting (as it has happened to Zoom users) as everything is encrypted

Audit controls

All GoToMeeting activities are logged, which means you can maintain an audit trail prescribed by HIPAA. This trail makes it easier to identify breaches and other unauthorized access. Admins have web-based access to these logs as well as to other reporting tools.

Integrity mechanisms

The integrity of PHI transmitted through GoToMeeting is easy to protect as you can’t share files directly via the platform. Admins can share their screen showcasing PHI, and they can choose not to share keyboard and mouse control with participants, ensuring that PHI remains intact. All data that is transmitted via the platform is protected by HMAC-SHA-1 message authentication codes.

User authentication

Account managers use unique emails and passwords to log into their accounts. Meeting access is protected in multiple ways—by unique meeting codes and optional passwords, as well as by only allowing access to the invited participants. If you’re sharing your screen, participants can’t modify the presented apps and data unless you allow them to.

Transmission security

All communication is protected by the industry-standard AES 256-bit encryption.

As you can see, whether or not GoToMeeting is compliant depends on how the account managers use the app.

Curogram is a telemedicine solution that is HIPAA compliant by default

GoToMeeting can be made compliant, but our platform adheres to the HIPAA rules by default. Curogram was designed with healthcare professionals in mind, and it allows you to focus on doing your job without having to worry about accidentally violating the law. All the safeguards are already in place, so you don’t have to configure the app in a certain way in order to avoid penalties.

Apart from being 100% HIPAA compliant, Curogram comes with many perks that are specific to the needs of medical professionals. You can set up your virtual clinic with it that will mimic your regular workflows and allow both doctors and patients to have a smooth experience. Curogram is also a two-way messaging platform that lets you text PHI in a HIPAA compliant way.

GoToMeeting is a secure platform, but aside from that, it doesn’t offer much as a telemedicine solution. Here are some problems you will encounter if you start using it:

  1. It doesn’t have a file-sharing feature
  2. It doesn’t have a virtual waiting room
  3. It doesn’t support the workflows of doctors and nurses
  4. It doesn’t integrate with your EHR
  5. It doesn’t allow you to send automated reminders

GoToMeeting doesn’t have a file-sharing feature

If you’re looking for a telemedicine solution, you are aware of the fact that you and your patients need to exchange a bunch of different documents before, during, and after appointments. There’s no way to do that with GoToMeeting. You can share your screen and allow the other side to view the document, but you can’t really send it.

Viewing the file is not enough most of the time as it’s important to keep a record of all the documentation tied to a specific visit. On the other end of the appointment, your patients may need to get a prescription, labs, or instructions and be able to save these files and not just view them.

Curogram allows you to share documents in a completely HIPAA-secure way, both with your patients and internally. Our platform makes it especially easy to send medical files. We can digitize your standard forms so that patients can open them on their smartphones and even e-sign them. There’s no need to waste time printing and scanning papers.

You can send your patients web-based intake forms in advance to save you both some time on the day of the appointment. These will come back to you as PDFs automatically. Curogram allows you to send various post-visit files with a click, such as prescriptions, special instructions, and others. The best part is that you can pull out documents straight from your EHR.

GoToMeeting doesn’t have a virtual waiting room

The waiting room is an integral part of any doctor’s appointment, regardless of whether it’s an in-person or an online one. It is an indispensable way to control traffic surges at your online clinic, queue your patients, and get them ready for appointments.

GoToMeeting doesn’t have this option. Doctors and nurses can’t see who’s waiting to be seen in a single place. Nurses or MAs would have to click each individual bridge to see if the patient has arrived and get them ready.

Curogram has a virtual waiting room that helps you line up your patients and streamline the whole process. You can see how many patients are waiting in this area and who they are. Nurses can join them in the waiting room to prepare them for the visit with the doctor. In the meantime, doctors can see if the patients are ready or still with a nurse.

The waiting room brings order into your workday and makes the virtual clinic experience similar to physical patient visits.

GoToMeeting doesn’t support the workflows of doctors and nurses

In-person visits are not as simple as patients popping in and out of appointments. There are at least three steps in the process:

  • An MA or nurse greets the patient to check them in and prepare them
  • The doctor sees the patient
  • The nurse follows after the doctor to provide any further instructions, documents, etc.

At least a couple of medical personnel are involved in the appointment procedure. You can’t just have doctors getting on calls with patients and doing everything themselves. That would be a huge waste of their time, and you’d be stuck with a serious staff misutilization problem.

GoToMeeting doesn’t support these established clinic workflows. It would be difficult to have doctors and staff coming in and out of calls. Once the host leaves the meeting, the call is over. This is a problem if you want to recreate your staff’s usual duties online. 

With GoToMeeting, you would need to involve multiple meeting links—one for the nurse, another one for the doctor, and potentially even a third one for the nurse to wrap up the visit. This would complicate things further and discourage your patients from visiting your online clinic.

Curogram makes the appointment procedure as natural as it can be online. The patient doesn’t have to worry about multiple bridges. When they schedule the appointment, they get one visit link. Once the appointment is due, all they have to do is click the link, and it will take them straight to your waiting room. From there on, your staff can proceed to guide them through the process as they would in person.

Our platform also supports multi-provider visits, so if several medical professionals need to be present at once, they can. Some doctors like to have assistants with them so that they can focus on treating the patient, while the assistant takes notes. This can also be arranged with Curogram.

GoToMeeting doesn’t integrate with your EHR

One of the major disadvantages of using a non-healthcare-specific solution is the fact that it is unlikely to integrate with your EHR. This feature would allow you to keep one schedule and not have to enter all the data twice. GoToMeeting doesn’t offer this option, which makes it highly impractical.

Curogram can integrate with your EHR to offer you even better functionality. Our platform can integrate with almost any EHR there is. The best thing about it is that you won’t have to wait for a couple of months for the integration process to finish. Curogram integrates with your EHR in about 48 hours thanks to our proprietary technology.

Curogram EHR integrations

eClinicalWorks

Athena

Epic

Cerner

DrChrono

NextGen

Practice Fusion

CareCloud

Kareo

OfficeAlly

See More Integrations Here

GoToMeeting doesn’t allow you to send automated reminders

If you’re transitioning to telemedicine or adding online appointments to your services, you need to have a practical way of reminding your patients of their online visits. Virtual appointments are much easier to forget because the patient doesn’t need to get there physically. All they have to do is connect through their device of choice.

You can connect your GoToMeeting account to your calendar, but you can’t send auto-reminders to patients. A staff member would have to waste their time calling or texting each patient individually, or you’d have to hope that the patient will remember, which would result in a bunch of no-shows. If you do assign a staff member to take care of reminders, they could make mistakes and jumble up your schedule.

With Curogram, you won’t have to worry about missed appointments. Our platform generates visit reminders automatically. All you have to do is set up the frequency and type of messages. Your patients will receive these via SMS, which is almost a guarantee that they will read it in time as the open rates for SMS are as high as 98%.

Curogram is currently sending more than 500,000 auto-reminders a month, saving our customers thousands of dollars that they would lose due to no-shows. HIPAA compliant texting is one of the core functionalities of Curogram and an inseparable part of any successful appointment reminder systema.

 

GoToMeeting

Curogram

Secure file-sharing feature

No

Yes

Virtual waiting room

No

Yes

Doctors’ and staff’s workflows

No

Yes

EHR integration

No

Yes

Automated visit reminders

No

Yes

How to transition to telemedicine smoothly

Transitioning to telemedicine can be a challenge, especially if your staff doesn’t have experience working from home. There are numerous challenges you’ll face at the beginning, but you shouldn’t let them discourage you. 

Going remote is a huge change, and you’ll adjust to it in no time if you’re properly prepared and use a feature-rich platform. Here are some problems to look out for:

  1. Your patients will need time to adjust
  2. Your staff will need time to adjust
  3. Your doctors might be able to see fewer patients
  4. You may experience a loss in revenue

Your patients will need time to adjust

Your patients may feel reluctant to try telemedicine, but you can show them that it is time-efficient and much more convenient than physical visits in many cases. If you decide to go for a non-healthcare-specific solution such as GoToMeeting, you might not be as convincing as you’d like to be.

Your patients don’t want to waste time dealing with multiple links and having to use a couple of communication channels—one for scheduling, another one for the appointment, yet another one for safe PHI transfer, etc.

With Curogram, your patient satisfaction levels will go through the roof as they will see how simple the process is. Not even your older patients will have trouble hopping on a call and going through the appointment online.

Your staff will need time to adjust

Your staff will need some time to figure out how to transfer their general duties to the online clinic. They may find themselves feeling lost for some time, but you can help them adjust by providing the following:

    • Work-from-home policies: You need to introduce some structure by setting remote work rules, such as break rules, background requirements, dress etiquette, etc.
    • Secure staff-to-staff communication platform: Your staff needs a secure platform for internal communication. Curogram makes it possible to create HIPAA-secure group chats.
  • Secure platform for communicating with patients: Curogram provides a two-way SMS system for easy communication with patients, as well as a free patient app for safe PHI transfer.
  • Care for their well-being: Let your staff know that they can discuss any issues and be heard. Remote work can be mentally challenging for some.

Your doctors might be able to see fewer patients

If doctors have to deal with a lot of technical details, they will have less time to actually see patients. Choosing an inappropriate telemedicine solution will force your doctors to onboard the patient themselves and do a lot of additional administrative work. This is not a doctor’s job, but some apps leave you no other choice.

Curogram will allow doctors to only do what’s their job. This way, they will be able to see as many patients as they would be able to tend to in person. A patient’s visit can last up to an hour or more. The doctor’s part should not take more than 15 minutes.

Curogram’s waiting room and workflow support will make the whole process streamlined and make it possible for doctors to go in and out of appointments smoothly.

You may experience a loss in revenue

A poor telemedicine solution that wasn’t really intended for use in healthcare can lead to a steep drop in revenue. If your patients are not satisfied, they will go to a competitor with a more convenient platform and better workflows. 

Failure to remind your patients about visits will lead to no-shows, which may be the number one reason clinics lose money when they go remote.

Staff misutilization is yet another issue that will result in a decrease in revenue in the long run. If your nurses are stuck on the phone and doctors have to deal with the administration and IT, they can’t do their job.

Curogram keeps your clinic up and running and allows everyone to focus on their duties. Your patients will be satisfied, and our smart auto-reminders will reduce your no-show rates by 75%. Our two-way SMS messaging system will make your communication with patients much more efficient and will slash your phone call rates in half.

Wondering if other solutions are HIPAA compliant?

Are they HIPAA compliant?

Is Zoom HIPAA Compliant?

Is RingCentral HIPAA Compliant?

Is WhatsApp HIPAA Compliant?

Is Google Hangouts HIPAA Compliant?

Is FaceTime HIPAA Compliant?

Is Skype HIPAA Compliant?

Is Google Voice HIPAA Compliant?

Is HelloFax HIPAA Compliant?

Is eFax HIPAA Compliant?

Is Facebook Messenger HIPAA Compliant?

Is Email HIPAA Compliant?

Is Texting HIPAA Compliant?

Is Slack HIPAA Compliant?

 

Topics: HIPAA, GoToMeeting

Patient 2-Way Texting

Curogram provides “All-In-One” texting and HIPAA compliant messaging platform for independent practices, physician groups, and clinically integrated networks.

Subscribe Here!

Recent Posts