Technology and Privacy
See also: Procedural Safeguards
SPPO is tasked with enforcing FERPA regulations.
- Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices (2014)
- Protecting Student Privacy While Using Online Educational Services: Model Terms of Service (2016)
- Letter to Mamas on Classroom Observation (2003)
- FAQs on Photos and Videos under FERPA
- Data Security: K-12 and Higher Education
Email and Student Privacy
Understanding the Confidentiality Requirements Applicable to IDEA Early Childhood Programs FAQs (2016)
This document assists early childhood programs under the Individuals with Disabilities Education Act (IDEA) with addressing privacy and confidentiality questions about the Family Educational Rights and Privacy Act (FERPA) and Health Insurance Portability and Accountability Act (HIPAA).
This letter from the OSEP is a response to ITCA asking questions on behalf of its state members regarding:
- parental consent requirements;
- parental consent for the use of private insurance to pay for Part C services; and
- the SOP and fees provisions under the 2011 Part C regulations.
Privacy and Security Considerations when using Tele-Intervention: Applying Regulations to Tele-Intervention (NCHAM)
HIPAA impacts the exchange of health-related information and the provision of health/habilitative services, including tele-intervention services. There are two primary aspects of HIPAA for which tele-intervention providers must be familiar: privacy and security.
Just as you would obtain consent from families for students or other providers under Part C regulations to observe a traditional therapy session, informed consent must be obtained from families prior to anyone observing a tele-intervention session. Verbal consent may be sufficient if observers are students or other Part C providers who fall in the category of "participating agencies". Informed signed consent would be required for anyone else to observe a tele-intervention session.
Consumer-based, free Voice and video over the Internet Protocol (VoIP) software systems such as Skype and others are used by health care providers to deliver telerehabilitation and other health-related services to clients. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by practitioners, health information managers, and other healthcare entities. This pilot usability study examined whether four respondents who used the top three, free consumer-based, VoIP software systems perceived these VoIP technologies to be private, secure, and HIPAA compliant; most did not. While the pilot study limitations include the number of respondents and systems assessed, the protocol can be applied to future research and replicated for instructional purposes. Recommendations are provided for VoIP companies, providers, and clients/consumers.
Watzlaf, V. R., & Ondich, B. (2012). VoIP for Telerehabilitation: A Pilot Usability Study for HIPAA Compliance. International Journal of Telerehabilitation, 4(1), 33–36. doi: 10.5195/ijt.2012.6096
HIPAA and Telehealth (CCHP)
Compliance with HIPAA is more complex than simply using products that claim to be "HIPAA-compliant". HIPAA compliance entails an organized set of secure, monitored, and documented practices within and between covered entities. Though products cannot ensure compliance, some products may contain elements or features that allow them to be operated in a HIPAA-compliant way.
This updated video platform toolkit is designed to help readers learn more about how video can be used to support the delivery of healthcare and improve the customer care experience, we have included sections for consumers and those holding clinical, operational, or administrative positions. In addition to using online video for clinical services, some attention will be given to other customer support processes common to a clinical office.
As telehealth programs expand, health care organizations have begun to use off-the-shelf webcams/laptops, tablets, and even smart phones. While established vendors compete to create the most efficient end-to-end solution, many new entrepreneurs attempt to navigate the regulatory process. Innovators are developing new software (such as cloud-based video conferencing, enhanced workflow products, and a wide variety of mobile apps) and hardware (including smaller carts, high-definition cameras, all-in-one peripheral devices, and more). Throughout the industry, a major emphasis to connect the consumer at home or work continues to develop.