One of the most common video conferencing platforms used for online therapy is Skype. While it’s among the oldest and most popular communication tools on the Internet, it’s wise to explore how Skype handles your personal information and what security measures are taken to protect your sensitive data.
Are Skype Therapy Sessions Secure?
The short answer is “yes.” The long answer is filled with technical jargon that Skype explains to give you peace of mind about the privacy of your online counseling sessions. The company explicitly states that all Skype-to-Skype voice, video, file transfers, and instant messages are encrypted. Meaning they are protected from potential eavesdropping by malicious users.
In addition, Skype uses the AES (Advanced Encryption Standard), also known as Rijndael, which is used by the US Government to protect sensitive information. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates.
Your Skype calls, whether they are used for therapy sessions or otherwise, are protected by government-level encryption to secure your confidential conversations. Whether your Skype therapy sessions are taking place via voice, video, or even instant messaging, you can rest assured that, just like in-person therapy, your session will be between just you and your practitioner.
Is Skype HIPAA Compliant?
While Skype as a platform is very secure, that does not necessarily mean it’s HIPAA compliant. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. Among the requirements that healthcare providers must adhere to is ensuring that any business associate they engage with as part of providing their care, such as Skype, must also be HIPPA compliant by meeting certain standards.
The free version of Skype is technically not HIPAA compliant. Skype for Business does have the required safeguards to be HIPAA compliant, however, only if the Enterprise E3 or E5 package is purchased. If the therapist does use one of these plans, they must activate these security safeguards to become fully compliant. If you are unsure as to whether they are using Skype for therapy sessions in a manner that is HIPAA compliant, it’s best to clarify this point with them before beginning with online sessions.
In Summary
When it comes to the security of your therapy sessions, the Skype platform is as secure as any of the other leading web-based communication platforms or online therapy providers. They encrypt messages using cutting-edge standards. However, you should double-check with your therapist that they have also taken the appropriate steps to become fully HIPAA compliant.
Sources
- Microsoft. (n.d.). Does Skype use encryption? | Skype Support. https://support.microsoft.com/en-us/skype/does-skype-use-encryption-28f5b30b-fcce-493a-9e55-049add6c2d39
- Office for Civil Rights (OCR). (2021, June 28). HIPAA Enforcement. HHS.gov. https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/index.html
- Journal, H. (2022a, January 7). Is Skype HIPAA Compliant? HIPAA Journal. https://www.hipaajournal.com/skype-hipaa-compliant/
- Health Insurance Portability and Accountability Act of 1996 (HIPAA). (2024, May 15). Public Health Law. https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html
- Compliancy Group. (2021, March 21). Is Skype HIPAA Compliant? https://compliancy-group.com/is-skype-hipaa-compliant/