Zoom HIPAA Compliant Conferencing Service
Northwestern will be providing a secure HIPAA-compliant service for web conferencing. Please review the differences between northwestern.zoom.us and northwestern-restricted.zoom.us before requesting to switch to the HIPPA conferencing service. To request a HIPAA compliant Zoom account - email consultant@northwestern.edu with your name, email address, netid and request the account. Due to the requirements of converting your existing account to your HIPAA account, a consult is required before the process can be completed. This is to ensure that the impact of changing is clear in how it affects your previous account and how you can use the new HIPAA account.
After the brief consultation, you will receive an invitation via email to join the HIPAA-compliant version of Zoom. After clicking on the invitation email to confirm the account change, you will be able to login using your Northwester NetID and password to https://northwestern-restricted.zoom.us
This service has not yet launched. If you try logging in before we launch/announce the service and conduct a consultation, the login process will fail.
- be invited as a host by an NU Zoom meeting/webinar organizer
- invite NU Zoom members to your meetings as hosts
Feature | Description | Status | Reason | Implications |
---|---|---|---|---|
Cloud Recordings | Record meetings and automatically process and store them in the cloud. | Disabled | Required by Zoom | Local recordings do not receive the automatic transcript file process. |
Local Recording permissions (non-Hosts) | Hosts cannot give permission to participants to record locally | Disabled | HIPAA privacy | Hosts recordings would need to provided manually |
Recording Disclaimer | All participants must give consent to be recorded, otherwise they cannot participate in the meeting. | Enabled | Required by Zoom | Refusing consent prevents meeting participation |
Meeting Passcode | All meeting types and entry points must be passcode protected. Participants joining by phone may enter using either the meeting passcode or their assigned Participant ID number. | Required | Prevent uninvited participants from randomly entering your meeting by ID number | Some participants may need to enter the password when joining without using the one-click join URL. |
Waiting Room | Guests cannot join a meeting until a host admits them individually from the waiting room. | Required | Prevent unknown guests from joining meetings that may contain sensitive data. | The option for attendees to join the meeting before the host arrives is disabled. |
Require Encryption for 3rd party endpoints (H.323/SIP) | Zoom requires encryption for all data between the Zoom cloud, Zoom client, and Zoom Room. Require encryption for 3rd party endpoints (H323/SIP). | Required | Required by Zoom | Participants may be unable to join meetings from SIP devices. |
Personal Meeting ID | A dedicated Meeting ID for each account | Disabled | All meetings must be newly generated meeting ID's | |
Identify guest participants in meeting/webinar | Guests (someone who does not belong to the BU HIPAA account) will be highlighted in the participants list of a meeting or webinar. | Required | Improved awareness of who is currently in a meeting that may contain sensitive data. | |
Auto saving chats | Automatically save all in-meeting chats so that hosts do not need to manually save the text of the chat after the meeting starts. | Disabled | Prevent data from being transmitted to or stored on a non-compliant endpoint or environment. | Chats can be saved manually before the meeting ends. |
Private Chat | Send chat messages in-meeting privately to others | Disabled | Prevent private messages from being sent | Chat is publicly viewable by all participants |
File Transfer | Hosts and participants can send files through the in-meeting chat. | Disabled | Prevent data from being transmitted to or stored on a non-compliant endpoint or environment. | |
Live Streaming | Allow hosts to live stream their meetings to Workplace by Facebook or Custom Live Streaming Service. | Disabled | Prevent Restricted Use Data from being transmitted or stored in non-approved environments. | |
Play sound when participants join/leave | Sound will be heard by host when participants join or leave. | Enabled | Improved awareness of who is currently in a meeting that may contain sensitive data. | |
Remote Control | During screen sharing, the person who is sharing can allow others to control the shared content. | Disabled | Prevent unauthorized access to endpoints with HIPAA or Restricted Use Data. |
Far end camera control | Allow another user to take control of your camera during a meeting | Disabled | Prevent unauthorized access to endpoints with HIPAA or Restricted Use Data. |
Remote Support | Allow meeting host to provide 1:1 remote support to another participant | Disabled | Prevent unauthorized access to endpoints with HIPAA or Restricted Use Data. | |
Save Captions | Disabled | |||
Peer to Peer connections | When 2 people are connected, they connect directly to each other instead of through Zoom's cloud service. | Disabled | Full encryption requires |