HIPAA-Compliant Zoom Meetings
HIPAA-Compliant Zoom MeetingsOverview
The Tufts HIPAA Zoom service is a special version of the Tufts Zoom service that has enhanced security features and modified settings to make it HIPAA-compliant, allowing it to be used by members of the medical community and others who work with sensitive information, including Protected Health Information (PHI).
Examples of Zoom meetings that may require use of the HIPAA-compliant instance of the Tufts Zoom service may include, but are not limited to:
- Telehealth appointments at Tufts University clinics, such as the Dental clinics or University Health Services.
- Classes where HIPAA-protected information is shared with students, such as patient cases.
- Educational experiences where students participate in telehealth or clinic group activities.
Using the Tufts HIPAA Zoom Service
In order to use the service, you must first be granted a special Tufts HIPAA Zoom license that is different from your regular Tufts Zoom license. You can then schedule HIPAA-compliant Zoom meetings through a dedicated Tufts HIPAA Zoom website. You must also sign in to the Zoom Workplace desktop client using your Tufts HIPAA Zoom license. You will still have access to your regular Tufts Zoom license, which can be used for meetings that do NOT require HIPAA compliance.
Please review the sections below for information on how to obtain and use a Tufts HIPAA Zoom license.
The HIPAA-compliant instance of Zoom is intended for specific use cases and requires a special license to access. Once granted a license, you will be assigned a special “+thz@tufts.edu” account address.
You will still have access to the regular (“academic”) version of Zoom. These two instances of Zoom are accessed in different ways and have different features.
Regular "Academic" Zoom | HIPAA-Compliant Zoom | |
---|---|---|
Web portal URL | tufts.zoom.us | tufts-hipaa.zoom.us |
Sample account address | John.Jumbo@tufts.edu | John.Jumbo+thz@tufts.edu |
Some key differences in features |
|
|
Access to the Tufts HIPAA Zoom service is available to members of the following groups:
- Tufts University School of Medicine
- Tufts University School of Dental Medicine
- Tufts University Health Services
- Tufts Health Sciences Institutional Review Board (HS IRB)
- Certain staff members in Human Resources
To obtain a Tufts HIPAA Zoom license, you need to log in to the Tufts HIPAA website. You will be granted a license when you log in for the first time. See directions below.
Logging in to the Tufts HIPAA Zoom Website
- Visit tufts-hipaa.zoom.us.
- Click Sign in.
- Log in with your Tufts username (e.g. jjumbo01) and password. You may also have to complete DUO two-factor authentication.
- An email with a confirmation link will be sent to your "@tufts.edu" address. Check your email and click on the link to confirm your account setup. This may take a few minutes.
Note: If you never received the confirmation email and are having trouble accessing your Tufts HIPAA Zoom account, please email it@tufts.edu.
Managing account settings, scheduling meetings, and performing other tasks related to your Tufts HIPAA Zoom license must be done through the dedicated Tufts HIPAA Zoom website. If you are logged in to the regular Tufts Zoom site, you will need to log out before you can log in to the Tufts HIPAA Zoom site. Similarly, when you are done, you must log out of the HIPAA-specific site in order to log back in to the regular Tufts Zoom website.
Logging out of the Regular Tufts Zoom Website
- Click on your profile icon toward the top right of the page.
- Select SIGN OUT.
Logging in to the Tufts HIPAA Zoom Website
- Visit tufts-hipaa.zoom.us.
- Click Sign in.
- Log in with your Tufts username (e.g. jjumbo01) and password. You may also have to complete DUO two-factor authentication.
How Can You Tell That You are Logged in to the Tufts HIPAA Zoom Website?
When you are logged in to the Tufts HIPAA Zoom website, a Tufts Health Sciences logo will appear in the top left corner of the page. You can also click on your profile icon in the top right corner and look at the email address that is listed. If you see an address that ends in “+thz@tufts.edu” (e.g. John.Jumbo+thz@tufts.edu), you are in the HIPAA-compliant instance. If you see your normal @tufts.edu address (e.g. John.Jumbo@tufts.edu), you are NOT in the HIPAA-compliant instance.
Logging out of the Tufts HIPAA Zoom Website
- Click on your profile icon toward the top right of the page.
- Select SIGN OUT.
Your special Tufts HIPAA Zoom account can be used in the regular Zoom Workplace desktop client. You do NOT need to download a separate application. (Note: If you do not already have it, you can download the Zoom Workplace desktop client here: https://zoom.us/download)
However, in order to use the desktop client with your Tufts HIPAA Zoom license, you must log out of your regular Tufts Zoom account and log in to your Tufts HIPAA Zoom account.
Logging out of Your Regular Tufts Zoom Account in the Desktop Client
- Click on your profile icon in the top right corner.
- Select Sign Out.
Logging in to Your Tufts HIPAA Zoom Account in the Desktop Client
- Open the Zoom desktop application.
- Click Sign In.
- Select SSO.
- When prompted for your company domain, enter “tufts-hipaa” so the entire domain reads “tufts-hipaa.zoom.us”. Then, click Continue.
- A new page will open in your browser (e.g. Chrome or Firefox) with a Tufts login window. Log in with your Tufts username (e.g. jjumbo01) and password. You may also have to complete DUO two-factor authentication.
- A popup message will appear. Click Open zoom.us to launch the Zoom Workplace desktop application.
How Can You Tell That You are Logged in with Your Tufts HIPAA Zoom Account?
- Click on the profile icon in the top right corner.
- Click the Show email button ().
- If you are logged in to the desktop client with your Tufts HIPAA Zoom account, a “+thz@tufts.edu” address (e.g. John.Jumbo+thz@tufts.edu) will be listed. If you see your regular @tufts.edu email address (e.g. John.Jumbo@tufts.edu), you are still logged in with your regular Tufts Zoom license.
Logging out of Your Tufts HIPAA Zoom Account in the Desktop Client
- Click on the profile icon in the top right corner.
- Select Sign Out.
Q: Do I need to download a separate desktop application to use my Tufts HIPAA Zoom license?
NO. You do not need to download a separate Zoom desktop application. However, the process for signing in to the Zoom desktop application with your Tufts HIPAA Zoom license is different. Please see the directions above.
Q: Can I still use my regular Tufts Zoom account?
YES. You will still have access to the regular Tufts Zoom website. You can also log into the Zoom desktop application with the regular “tufts.zoom.us” domain. However, you should only use the regular Tufts Zoom service for meetings that do not require HIPAA compliance. See the directions above on how to sign in/out of the regular and HIPAA-compliant Tufts Zoom services.
Q: If I schedule/host a meeting using the Tufts HIPAA Zoom service, do my meeting attendees also need a special license?
NO. When you are scheduling and hosting meetings through the Tufts HIPAA Zoom service, your meeting participants do not also need to have a special license.
Q: If I want to schedule a meeting with an alternative host, does the alternative host also need a Tufts HIPAA Zoom license?
YES. The alternative host must also have a Tufts HIPAA Zoom license. When listing the alternative host(s) in the scheduler, you must use their “+thz@tufts.edu” address (e.g. John.Jumbo+thz@tufts.edu).
Q: I recorded a meeting that I hosted through my Tufts HIPAA Zoom account and now I need to store/share it. Is there a way to store/share the recording that is also HIPAA-compliant?
YES. The Tufts Box cloud storage service is HIPAA-compliant. For more guidance, refer to the links below.
- Tufts Box Use Guidelines - https://it.tufts.edu/about/policies-and-guidelines/tufts-box-use-guideline
- Tufts Box Security Tips - https://it.tufts.edu/guides/box-data-storage-and-collaboration/security-tips-0
Q: Do I need to be logged in to the Tufts VPN to use the HIPAA-compliant version of Zoom?
NO.
Q: Is there anything else I should consider for HIPAA-compliant Zoom meetings?
YES. The Tufts HIPAA Zoom service gives members of the Tufts community a way to schedule and host virtual meetings that are HIPAA-compliant, but the rest is up to you as the host and your participants. Please take the appropriate steps to ensure that information is shared appropriately before, during, and after meetings.