Zoom Health accounts at IU

On this page:


Overview

Important:

This UITS system or service meets certain requirements established in the HIPAA Security Rule thereby enabling its use for work involving data that contain protected health information (PHI). However, using this system or service does not fulfill your legal responsibilities for protecting the privacy and security of data that contain PHI. You may use this system or service for work involving data that contain PHI only if you institute additional administrative, physical, and technical safeguards that complement those UITS already has in place. For guidance on division of responsibility when using a UITS system approved for PHI, see Shared responsibility model for securing PHI on UITS systems.

Indiana University and Zoom have signed a Business Associates Agreement (BAA) to facilitate private, secure online collaborations for research, teaching, or administration involving the transmission of protected health information (PHI).

Following are some examples of Zoom collaborations that involve PHI and should be conducted using a Zoom Health account:

  • Distributed research team working sessions with patient data
  • Clinical researchers interviewing participants or participant teams as part of research projects
  • Distributed administrative or technical teams working directly with patient data
Notes:
  • If the meeting host uses their IU Zoom Health account, and all participants use the Zoom client to connect to the meeting, the meeting satisfies HIPAA requirements (even if some participants do not have IU Zoom Health accounts).

    Breakout Rooms are available in Zoom Health; you can enable them in your Zoom settings and use them normally.

  • IU has a limited number of Zoom Health licenses. The fastest way to gain the ability to host and schedule meetings approved for PHI is to use a secure Microsoft Team.
Important:

You can have only one Zoom account, either a standard Zoom account or a Zoom Health account.

If you have errors with Scheduling privilege, it may be because you attempted to set it up for someone with a standard Zoom account.

Zoom Health account eligibility at IU

Any IU user who will be working with PHI in Zoom should use a Zoom Health account. All active IU students, faculty, and staff can request Zoom Health accounts.

Notes:
  • IU Health employees who do not also have an active IU status are not eligible for Zoom Health accounts.
  • Retired faculty and staff are not eligible for Zoom Health accounts. However, retired faculty can become eligible if their school or departmental Human Resources representatives submit eDocs via HRMS that reclassify them as Retired and Academic Non-Paid (ACNP).
  • Some affiliates may be eligible for Zoom Health accounts; decisions will be made on a case-by-case basis.
  • If you believe you may be eligible for a different status, contact your campus Human Resources office.
  • Per HIPAA guidelines, IU Group accounts cannot be used to create or host Zoom Health meetings or create Zoom Health accounts.
  • All users of Zoom Health accounts must complete any appropriate HIPAA training.

Differences between Zoom Health and standard Zoom accounts

Zoom Health accounts offer:

  • Encrypted online collaborations for both video and chat
  • Anonymized usage reports
Important:
  • Zoom Health accounts do not allow cloud recordings. If you use a Zoom Health account, you can record Zoom meetings locally to your workstation. Once your recording is complete, follow HIPAA best practices for storing any recording that contains protected health information (PHI).
    Due to the upcoming Box retirement, creation of new Box Group Accounts, Box Organizational Accounts, Box Health Data Accounts, and Box Entrusted Data Accounts has been discontinued. To request a new institutional storage account, fill out the Storage @ IU Institutional storage request form.

    At Indiana University, never store files containing sensitive institutional data, especially protected health information (PHI) regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), on your desktop workstation, laptop, USB flash drive, tablet, smartphone, or other mobile device unless the files are properly encrypted on the device, and your senior executive officer or the IU Institutional Review Board (IRB) has given prior written approval. Because PHI must remain encrypted at rest, make sure you are using full-disk encryption on any device that has research data containing PHI on it. If you are not sure, ask your department or school IT Pro for help.

  • You cannot save chat from Zoom Health sessions.
  • You cannot add people who have standard Zoom accounts as co-hosts or alternative hosts of a Zoom Health meeting (although they may be participants).
  • Zoom Health meetings support up to 200 simultaneous participants; the limit for standard Zoom meetings is 300.
  • The "Live transcript" feature in standard Zoom is not available in Zoom Health. Zoom Health users requiring captions should consider one of the following options instead:

Account requests

To request a Zoom Health account, complete the IU Zoom Health Account Transfer Request.

If you wish to revert your Zoom Health Account back to a standard account, email eLearning Design & Services Help.

This is document atps in the Knowledge Base.
Last modified on 2021-04-30 12:58:53.

Contact us

For help or to comment, email the UITS Support Center.