The Health Insurance Portability & Accountability Act (HIPAA) works to ensure that sensitive personal and health information is protected and that access to health data is restricted to authorized individuals. Compliance also works to build trust between patients and healthcare professionals, which ultimately improves the delivery of healthcare. And that extends from the examination room to every remote support session. Here are a few ways Rescue puts your compliance under your control.

Account-level settings control access and reporting

Protecting remote support sessions that deal with sensitive data starts with how your technicians are accessing your remote support technology.

Rescue allows you to control security settings to prevent techs from accessing machines off the network. Keep them on the network and on safe ground with IP login restrictions. These can be set globally or at the technician group level, so techs in group A must login through your protected network but techs in group B may not need that level of restriction. 

Other important settings are enabling single sign-on (SSO) for your technicians. If you don’t have that capability, you can set a password policy that dictates password strength requirements along with password expirations. You can also set up two-factor authentication (2FA) globally or for specific technician groups. This helps ensure that the person accessing your Rescue account is who they say they are. 

Reporting is another important aspect of HIPAA compliance. You can also keep tabs on your account activity through audit reports. If someone changes any settings in the Admin Center, you can see and track who made the changes. You can also create settings to automatically create video recordings of every remote control session showing the recorded sessions exactly as seen by the remote user, and these can be saved to a network location. Remote sessions can also be logged to ensure security and maintain quality control. And run a login report to track which user logged in, when, and from what IP.

Finally, let’s chat about chats. Rescue allows deletion of chat records in the event that sensitive data is entered into the session chat and you can store chat logs on their own terms.

Technician settings control in-session activity

There are a number of settings that allow you to control what your technicians can or cannot do during a live remote support session (check out What Techs Can (or Cannot) Do in a Remote Support Session Can Make or Break Your Compliance). Here’s how a few settings line up with HIPAA compliance.

Access to sensitive data should only be allowed to people or software programs who have been granted access rights and integrity policies and procedures must be upheld. Rescue lets you control access permissions at the technician group level. You can restrict groups of technicians from using remote control, Connect on LAN, unattended access, and file transfer. You can set permissions to dictate that the end user must be present at the remote machine, must permit remote access, and can maintain control with the option to terminate the session at any time. You can prompt the end user to always grant or deny a technician’s request to use specific functions (like remote control, desktop view, file transfer, system information, and reboot and reconnect), automatically revoke access rights when a session is terminated, and revoke access rights after a specified period of inactivity.

Data safeguards and flexibility

Part of staying HIPAA compliant involves how sensitive data is treated. You need to ensure that data is not altered or destroyed in an unauthorized manner and that it is transmitted securely to guard against unauthorized access.

Rescue uses end-to-end 256-bit AES encryption of all data. And MD5 Hash enhances traceability of file transfers when file transfer is enabled.

And with Rescue, you can elect not to store chat logs on Rescue servers, and instead store them on your own servers where you maintain compliance and retention controls.

When compliance counts, count on Rescue.

Rescue puts the power to stay HIPAA compliant in your hands. Our admin center gives you thousands of settings to control for technicians, admins, and master admins, ensuring everyone has the level of access they need, and nothing they don’t.