The goal when implementing these products is to provide an appropriate level of security while providing a safe and usable platform. The recommendations in this document are meant to encourage organizational best practices when deciding to use consumer desktop videoconferencing solutions.
This guidance should assist organizations in determining how to best implement these consumer-grade systems within their facilities. The decision to implement a particular solution will depend on organizational policies & procedures, risk mitigation plans, technical infrastructure and videoconferencing experience. This document will help provide recommendations regarding how to configure the software and workflows to address common concerns and risks.
The following sections are contained within this document:
- Installing the Software
- Selecting the Users
- Creating Accounts
- Configuring Software
- Educating Users
- Handling Calls
- Dealing with Errors and Connectivity Problems
- Terminating Accounts
- Summary
Installing the Software
The installation of consumer-grade VTC applications will vary slightly by manufacturer, version of the product used, and your organizational policies on installing and managing software applications. There are also considerations that must be made for those installations that may happen off of your organization’s network, such as physicians who want to have the software in their home office or patients who will be conferencing from their personal PCs.
Within Your Network
Your organization should already have software deployment procedures and policies in place, and those should be referenced and used as a part of this deployment strategy. Depending on the product that is chosen, options may exist to push out a premade Windows Installer Package (.msi) through a Group Policy in Active Directory. As some manufacturers do not provide an .msi file, offering instead an executable file, using .msi packagers to generate a new .msi may ease deployment over Active Directory.
Some “business” versions of consumer-grade applications provide separate deployment management tools that allow you to control who has access to the software and provide ways to deploy the software to users. These tools may help significantly reduce the overhead of managing this software on your network.
It is recommended that you use the business versions of these applications where available, as they do tend to provide more options for managing the software in your organization, and they provide additional features and support that will make implementing a video system easier and more robust.
Any additional user needs such as webcams, headphones, required device drivers, and possibly hardware upgrades should also be provided at this time.
Beyond Your Network
One of the many benefits provided by these increasingly-capable products is the ability to engage in a videoconference from remote locations. This entails providers, partners, and patients installing the software on their personal computers. Your organization will need to decide how much support will be provided to users installing and accessing the system from their home networks.
Several options may be considered for helping these remote users install the software:
- Physical media – CDs or flash drives may have the software installer preloaded on them, which can then be given to users to install at their leisure. Two issues raised by this method are difficulties in ensuring that the most recent version of software is on the media, and the extra cost and inconvenience of needing to produce the copies of the installer.
- Users’ Responsibility – inform the users what software product and version to find, and then instruct them to download and install the application. Some possible risks with this approach are that users might not select the correct version of the application, might select a version of the software that is hosted on a malicious site, or may be uncomfortable performing this task.
- Download Link – provide a link to an installer file that users can access from either an email or website. If hosting the file on an organizational website, this can guarantee that the file downloaded is a supported version and is not dependent upon another hosting site.
Additional information should be provided to the user to help them through the installation process, either through a special email, physical printout, or document available on your organization’s website. As with the users located within your network, inform these external users of any additional hardware requirements and recommendations.
Selecting the Users
Immediately deploying the software to an entire medical campus is not the best method for rolling out a desktop VTC platform. Choosing a department or subset of users to pilot the use of the software is an effective strategy. This can help to work out any issues or concerns in running the software, and will help prepare IT support staff for any issues that may need to be resolved on a larger deployment.
Depending on organizational needs and any risk assessments that have been performed, deploying to a business or administrative team can provide a method of testing the software without placing patient information at risk while the system is being tested. Other choices may be within single departments that have technically savvy members and connections with patients or other providers who would be comfortable piloting such a project.
Creating Accounts
Aside from ensuring proper network support for desktop clients, account management will likely be one of the more challenging procedures associated with implementing a consumer-grade VTC application. Some business-oriented versions of these products provide options for managing authorized accounts from a central application, but most still have issues when trying to manage internal and external users, password requirements, and other account-creation problems.
Policies should be created for how these accounts will be managed. Things to consider in this policy include:
- Which version of the software will be used for your organization’s employees (business or free)?
- Which version of the software will be used for your organization’s patients (business or free)?
- What are the naming conventions for your users?
- Do you want identifiable information included in usernames?
- What are the password complexity requirements?
  - This is especially important, as many of these systems do not enforce password complexity.
- Which types of users are authorized to use the software?
  - administrative staff
  - clinical staff
  - mental-health staff
  - emergency care staff
  - patients
- Will your organization allow use of pre-existing or personal accounts?
  - This is inadvisable for healthcare providers and questionable for patients.
Centralized Management
Skype provides a management tool for business users that allows “administrators” to handle account creation and management. This application allows for the creation and removal of Skype user accounts, the resetting of passwords, creation of user groups to simplify management, allocation of certain paid-for features related to their VOIP functions, and managing funds associated with user accounts. For other systems, centralized management is not an option. Depending on your organizational policies for managing patient accounts or other external entities, these centralized management tools may not be an option for all users.
It is recommended that your organization use a management tool for handling the creation of user accounts for internal employees. This allows your organization to both create and delete user accounts as staff changes occur, and removes the possibility of an employee retaining confidential patient or employee contact information.
Additional features can be managed for Skype by changing registry settings on the user’s computer. This allows IT staff to force changes to users on a managed network, configuring features such as file transfer permissions and port selection for UDP and TCP traffic on your network. A great resource for managing Skype as an IT department can be found on Skype’s website.
Account Creation – Internal Employees
When establishing user accounts for your internal providers and staff, it is recommended to use meaningful and recognizable names. The accounts will often be tied to an email address, which will eliminate the possibility of duplicate usernames; however, depending on your organization’s email address creation policy, these usernames may not be meaningful to people attempting to engage in a video conference.
Should there be a need to provide additional clarification to a user’s identity, a user’s display name can often be changed. This name is separate from the username used to sign in to the desktop software. Let’s look at an example of this:
Take a user whose email address is jsmith3@your_organization.com. Their default display name would be jsmith3, which does not clearly identify the user. Is this John Smith, Josh Smith, Jane Smith, Janet Smith or Jeremiah Smithson? To clarify this user’s name, change their display name to John Smith. When others try to initiate a call to this user, they will see John Smith on their contact list.
Note that there may be additional information that you want to communicate beyond the user’s name. You may want to add your organization’s name (John Smith – Your Organization), a department or specialty (John Smith – Dermatology), or a facility (John Smith – Remote Clinic).
Some users may have existing personal accounts with the various manufacturers’ products. It is not recommended that you allow these accounts to be used.
Account Creation – Patients / External Partners
The recommended policy for creating accounts for patients and external partners is a little less clear than it is for your organization’s employees. Your organization must make an informed decision that weighs the costs and benefits of each option.
Creating accounts for your patients provides several benefits, especially if you are using a centralized management tool. You can reset their password should they forget it, delete or deactivate their account if they are no longer receiving services from your organization, and help users who might otherwise be uncomfortable with the technology and process of creating their own accounts.
A separate account created for patients, whether managed by your organization or by the patient, allows for a clear delineation between calls related to healthcare and calls that are of a personal nature. It is recommended that they use a separate account when possible. If the account created is their first account for this kind of application, it is recommended that you advise them to keep the account focused on healthcare and that they create a separate account should they have interest in using the technology for personal use. At present, there is no mechanism to restrict who users communicate with, which may mean that users attempt to use their accounts for videoconferencing with other individuals and organizations.
A possible concern can be raised when creating patient accounts that have clearly identifiable information as a part of their display or username. Should a patient communicate with a physician or hospital employee that is working from home, the patient’s name and contact information will be placed within the contact list of the employee. This means that a personal, home-based computer of an employee would contain information about patients. These concerns are addressed elsewhere in this document through recommended call initiation policies, but it is important to acknowledge that the concerns do exist.
Have external partners manage their own accounts when possible. Consider managing their accounts if they are interested in using desktop videoconferencing software to communicate with your organization but do not have the knowledge or ability to manage their accounts. If your organization is in a position where it needs to manage the accounts of your external partners, be certain that any account management is supported with education on the proper use and configuration of the application.
There are some problems with managing the system for your external partners, as your organization will not be able to configure their software through registry changes as you can on your own network. This means that configuration will have to be performed manually and possibly by collaborating with outside IT departments.
Configuring Software
Some of the concerns surrounding the use of consumer-grade videoconferencing applications stem from issues that turn out to be rather simple configuration requirements. Policies and standard configurations can help to reduce these concerns in some areas, while centralized management tools can help in others. Note that even the best policies and configuration options will not keep problems from arising if individuals do not comply with the standards set by your organization.
Stay Current
One of the best ways to ensure that your users have the most secure environment possible is to turn on the automatic update feature of the desktop videoconferencing software. Updates released by the manufacturer often include patches to security-related bugs. By turning on automatic updates, you guarantee that your users will have these bug fixes applied as they are released. You may need to ensure that your firewall is not blocking the manufacturer’s automatic update traffic and download site, as this can render the update procedure ineffective.
Note that your organization may decide that there are risks with automatically updating software, as concerns may exist regarding the potential for new security bugs to be created by new releases, or new functionality that is released that may cause privacy concerns in your organization.
Should your organization recommend turning off auto-update functionality based on these concerns, you will want to put in place a plan to stay up-to-date on the releases offered by the manufacturer. This plan should include a way of regularly testing new releases from the manufacturer, and should address how you will update your users’ software once a new release has been approved for use in your organization.
Stay Protected
Antivirus software is strongly recommended for any individual using desktop videoconferencing applications. Most organizations provide antivirus software for computers on their network, and have policies requiring all computers connecting to their network to use anti-virus software. These policies may need to be updated to include guidance for people using desktop VTC applications from home.
Your organization should consider providing a method for users to acquire antivirus software on their home computers if they will be used to communicate with your network via videoconferencing. This should extend to patients as well; if they are unprotected and their computer becomes compromised, the virus may try to use the VTC application as a vehicle for spreading to other computers.
Your organization may need to configure users’ antivirus settings to allow the videoconferencing application to run, as some antivirus manufacturers have flagged desktop VTC applications and blocked their operation and / or TCP and UDP network traffic.
There have been rumors and concerns about viruses that target products such as Skype and Oovoo. These concerns often drive healthcare professionals away from using these products. A review of the available literature on this topic indicates that many of the concerns have not been validated. A handful of Skype exploits were uncovered and fixed between 2005 and 2007, and some recent spam-style Skype chat messages have impacted Skype users.
The lack of extensive real-world exploits of these products does not mitigate the importance of good protection in the form of anti-virus software and good prevention in the form of user education. Please refer to the section of this document regarding user education for more information.
Limit Features
Desktop videoconferencing applications provide some very useful features that have obvious benefits to an organization – video calls, chat applications, and desktop sharing. There are several other features, however, that are either not immediately clear to an organization or else pose risks that are not clear by default. These features should be turned off.
Below is a look at many of the features that should be configured or shut off; your organization should review the settings and options for whichever application you are implementing to decide if there are other features that should be configured.
- Turn off log files, which provide the ability to log incoming and outgoing calls, instant messages, sent files, and other account activity, as they can contain patient information
- Disable file transfers, as they can support the transmission of viruses
- Do not allow “untrusted” calls to be received from individuals who are not approved contacts, as this will keep spammers from sending messages to your users’ accounts
- Do not allow third-party applications unless they have been thoroughly vetted by your organization, as applications or plug-ins may use or support unsafe scripting that can open a virus attack vector
- Restrict how users can be “looked up” in the manufacturer’s user directory to username and email address, as this will reduce the number of false “add contact” requests
- Disable automatic sign-in, as this will keep users from accidentally logging into the software when their computer restarts, preventing them from appearing to be available for a video call when they are not
- Restrict how much personal information is shared in a user’s profile, by inputting the minimum information required and by disabling any search and display functions for information such as date of birth or gender
- Disable the recording of any content within the VTC session, including image snapshots, audio, and video
- Require VTC sessions to start with the video automatically turned on, in order to reduce some support issues with video not displaying and to ensure that both participants can see one another at the start of the session
- Oovoo supports a web interface that allows users without Oovoo installed to engage in a VTC session by visiting a website
  - If this is enabled, disable the ability to accept incoming calls, restrict domains that can host your video content, require permission for all people joining the room, and require a password for participants
- Determine if there are additional features to which your organization would like to limit access
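An added example, not part of the original guidance or any vendor's code: an offline audit of a workstation's exported Skype policy values against the file-transfer, third-party-application and port settings discussed above and in the Centralized Management section. The value names and the rule that machine-wide values override per-user ones come from Skype's legacy administrator documentation for the classic Windows client and should be confirmed for the deployed version; the sample export and the approved port are constructed.

```python
import re

# Constructed sample of `reg export` output from one workstation.
# reg.exe writes UTF-16 files; decode them to str before calling audit().
SAMPLE_REG_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Skype\Phone]
"DisableFileTransferPolicy"=dword:00000001
"ListenPortPolicy"=dword:00000001
"ListenPort"=dword:0000c350

[HKEY_CURRENT_USER\Software\Policies\Skype\Phone]
"DisableFileTransferPolicy"=dword:00000000
"DisableApiPolicy"=dword:00000000
"""

POLICY_SUBKEY = r"software\policies\skype\phone"
SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{8})$')

# Baseline derived from the feature list above. Value names are assumptions
# taken from the vendor's legacy documentation, not from this guidance.
BASELINE = [
    ("DisableFileTransferPolicy", 1, "file transfers must be disabled"),
    ("DisableApiPolicy", 1, "unvetted third-party applications must be blocked"),
    ("ListenPortPolicy", 1, "the listening port must be pinned by policy"),
]
APPROVED_PORT = 50000  # hypothetical port agreed with the firewall team


def parse_reg_export(text):
    """Return {hive: {value_name: int}} for DWORD values under the policy key."""
    hives = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:
            hive, _, subkey = section.group("key").partition("\\")
            # Only the Skype policy key is of interest; skip everything else.
            current = hive.upper() if subkey.lower() == POLICY_SUBKEY else None
            if current:
                hives.setdefault(current, {})
            continue
        value = DWORD_RE.match(line)
        if value and current:
            hives[current][value.group("name")] = int(value.group("hex"), 16)
    return hives


def effective_policy(hives):
    """Merge hives; machine-wide values win over per-user values (assumption)."""
    merged = dict(hives.get("HKEY_CURRENT_USER", {}))
    merged.update(hives.get("HKEY_LOCAL_MACHINE", {}))
    return merged


def audit(text, approved_port=APPROVED_PORT):
    """Return a list of (value_name, observed, reason) baseline deviations."""
    policy = effective_policy(parse_reg_export(text))
    findings = []
    for name, required, reason in BASELINE:
        observed = policy.get(name)  # None means the value is not set at all
        if observed != required:
            findings.append((name, observed, reason))
    # A pinned port only helps if it is the one the firewall rules expect.
    if policy.get("ListenPortPolicy") == 1:
        port = policy.get("ListenPort")
        if port != approved_port:
            findings.append(("ListenPort", port, f"expected port {approved_port}"))
    return findings


if __name__ == "__main__":
    for name, observed, reason in audit(SAMPLE_REG_EXPORT):
        print(f"{name}: observed {observed!r}; {reason}")
```

In the sample, the machine-wide file-transfer setting overrides the weaker per-user value, so the only deviation reported is the third-party application setting, which is set per user to 0.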
Encryption
One of the first questions to come up when discussing the functionality of desktop videoconferencing applications is whether or not they support encryption. While not all of the products support encryption, those that do sometimes require users to enable encryption manually. See our product comparison for more information. If there is a manual setting for enabling encryption, ensure that it is turned on for all communication, including video, audio, and instant messages.
Beyond the use of encryption for VTC communications, your organization may also want to require either full disk or partial disk encryption. Full disk encryption is regarded as being more secure than partial disk encryption, and is generally recommended as being a better choice. Using a tool to encrypt the contents of a hard drive will secure log files or recordings that may have been left on the drive.
As with antivirus protection, your organization may want to consider finding a way to provide resources for your patients to help them choose and implement encryption on their own systems. Note that this may go beyond the scope of many of your users, and, while ideal, may not be practical for use beyond your organization and employees.
Educating Users
Much of the potential risk surrounding these consumer-grade systems comes from the users themselves. Proper education of the users can increase the safety of using these systems by teaching them safe computer habits, and can help drive up compliance with policies and procedures by informing users of the rationale behind them.
General Education
Some topics should be covered for all users of these systems. Below are some points that should be covered in your organization’s educational materials.
Phishing – phishing is the attempt to gather sensitive information by posing as a trusted source. This can come across as links to sites claiming to be run by a company, and will often ask for credentials or other information to be submitted into a form or sent in an email. Inform your users that you will never ask for their account information via email or phone.
Spam – spam is the sending of unsolicited messages to a user. In desktop VTC, these may appear as requests to add contacts, to view a file or website, or to start a videoconferencing session. Many of these can be avoided by informing users not to accept “friend requests” from unknown sources and by having them verify the identity of any incoming requests before accepting them.
Encryption – a basic description of why encryption is important should be provided. Likewise, you should inform the users if your recommended product does not provide encryption.
Policies and Procedures – all users should be told which policies and procedures pertain to desktop videoconferencing, and they should be informed of what the policies and procedures mean.
Provider Education
Healthcare providers and other employees of your organization should be provided with the above educational materials as well as the following:
Internal Resources – if your organization is implementing a program that supports desktop videoconferencing, a basic training on the tool and its relevant policies and procedures may help users feel comfortable. Teach them what resources are available on campus and how to access them.
Configuration – if there are any additional configuration tasks that need to be completed by your users, explain to them what must be done, and create clear instructions to walk them through the process. Similarly, explain if there are certain features that they should not enable or change.
Patient Education – providers who will be interacting with patients via videoconferencing should also learn how to teach patients about the new technology they are about to use. Educational materials should be provided, and your employees should be taught how to present these materials to the patient. Some patients will approach this technology with trepidation, while others may assume that their level of technical knowledge exempts them from learning about the intricacies of these applications. Both groups can benefit from educational materials from your organization.
Videoconferencing Best Practices – not all users are comfortable with videoconferencing, and they may not know how they should interact with the patient or how they should present themselves while onscreen. Provide basic information to teach users how to work with the technology so that they are more comfortable and effective with the desktop system.
Patient Education
As mentioned above, patient education is an important element of using these systems in a healthcare environment. Whether working with technically-savvy patients or technophobes, a baseline of education is critical. Patients should know about the general education information, as well as the following:
HIPAA and Videoconferencing – users may not understand that they have a role in ensuring the safety of their information. Teach users about how they will play an important part in keeping their information safe. If your system is not using encryption, a reasonable effort needs to be made to ensure that your patients understand the risks of communicating over an unencrypted channel, and to provide them alternative options for communicating with your organization.
Configuration – it is most likely that patients will have to install and configure these applications on their own. Provide them with a simple, easy-to-use guide to ensure that they are comfortable with the process.
Personal Information – reaffirm that your organization will not ask for personal account information in an email or text format, and that users should report suspicious links or emails to your organization.
Process – teach your patients how a videoconferencing session will be initiated, and provide them with an understanding of any of your policies and procedures about how you will be delivering healthcare with this technology.
Handling Calls
With the software installed, the system configured, and the users educated, it can be tempting to jump immediately into making video calls. Before any official VTC sessions take place, however, some extra thought should be put into how calls will be initiated and terminated. Live video interactions may benefit from a handful of policies and procedures, especially if involving a patient without a medical professional physically present in the same room.
*Note that the following information is focused on calls between patients and healthcare providers.
On-Call vs. Scheduled Calls
Most organizations will likely choose to accept calls only within scheduled times, treating the videoconferencing session as any other scheduled encounter with a healthcare provider. However, an organization may opt to allow for an “on call” account to be created that is accessible by patients or other providers on a more flexible basis.
Regardless of the decision of your organization, this information should be communicated with the patient as a part of patient education prior to beginning any videoconferencing sessions.
Call Initiation
Determine who is responsible for placing a call and establishing the initial video connection. Do patients call your organization, or vice versa? Also, establish if there is a clinical workflow into which this technology needs to fit. Will there be an initial patient registration with a nurse or case manager at the start of the session, or will the call begin immediately with the primary provider?
Caller Verification
Some levels of security are an inherent part of the desktop VTC system – users must enter a username and password, a contact must be selected and intentionally called, the call must be accepted, and a video image is being presented to the patient and provider.
Concerns have been expressed by some healthcare providers that this is not enough, and that additional measures must be taken to ensure that the patient and provider are who they say they are. Possible examples of this extra level of security include:
- Establishing a “secret phrase” that is used at the start of the videoconferencing session. This serves as a sort of secondary password that only the provider and patient know.
- Confirming the patient or provider identity through a known good phone number prior to initiating the videoconferencing session.
- Asking the patient to verify an element of personally-identifiable information.
Your organization may decide that the built-in security of the VTC system is sufficient, or you may implement additional measures to provide further authentication for your users. Any assessment of risk surrounding this technology should include risk mitigation strategies such as those listed above.
User Comfort
Desktop videoconferencing is a relatively new phenomenon, especially in the field of healthcare. As such, it may be new and unsettling for some patients and providers. At the start of the call, strive to make sure that users on both ends of the call are comfortable with the conversation and the technology. Beyond standard rapport-building questions with the patient, check to ensure that the audio is loud enough, that the video is clear enough, and that they are comfortable in their current surroundings.
Traditional, room-based VTC sessions typically have had a healthcare professional physically present with the patient, while desktop communications may allow for a patient to be in an environment that is stressful or that may not lend itself to adequately confidential conversations. It is recommended to establish a method for determining that the videoconference can proceed as a part of establishing the patient’s level of comfort.
Terminating the Call
Make sure that all of the patient’s concerns related to the VTC session have been addressed and that there is nothing else that needs to be discussed before signing off. Recap what was discussed, and clarify if there is follow-up that will happen. Will there be another videoconference, a phone call, an email, or an in-person clinical visit? Consider implementing a short, formal evaluation of the call for ongoing process improvement. Close all application windows and make sure the connection is officially closed before moving on to the next task.
Depending on your organizational policies, you may want to consider signing off from the application unless there is another call scheduled. This can ensure that other users do not try to start a video conference with you while you are unavailable, and will close any application windows that contain relevant patient contact information.
Dealing with Errors and Connectivity Problems
As with any technology, there is the possibility of an error occurring in the course of a consumer-grade videoconferencing session. Properly handling these errors is a crucial skill to ensure the success of a desktop VTC implementation.
Connectivity Problems
There are times that connectivity to the videoconferencing system will not be available due to both internal and external network issues. This may appear as an inability to log in to the software, a problem with calling the intended user, or video calls that “drop” in the middle of a conversation.
If you cannot log in to the software, there may be a problem with your organization’s firewalls or with network connectivity. First assess if it is a network problem by attempting to browse to an internet site. If basic network functionality appears to be working, there may be a problem caused by traffic to the manufacturer’s authentication server getting blocked. Check with your organization’s IT department to see if there are any known blocks on traffic to the manufacturer’s servers.
If your network appears to be working, there may be a problem with the manufacturer’s authentication server. Depending on the level of customer service that your organization receives, you may be able to inquire as to whether or not there is a known outage of their services. This information may also be posted to their website or forums.
Regardless of the source of these problems, a procedure should be put in place that works around these issues. If the video call cannot be completed, a fallback plan that uses a phone to communicate with the patient may be needed. The phone call might not replace the scheduled videoconference, but can serve to communicate with the patient and help in the creation of a follow-up plan.
Video Problems
Videoconferencing is a bandwidth- and processor-intensive method of communicating. As such, certain problems may arise if there are insufficient resources to support the call. Some of the symptoms of these insufficient resources include “blocky” video where portions of images appear to freeze or slow down, “out of sync” videos where the audio and video do not match up, or “dropped” video where the audio continues but the video is no longer available. Some of the products support voice-only calls, which allow users to disable video if there is insufficient bandwidth for video content.
If the problem is tolerable and does not adversely impact your capacity to provide clinical services, it may be worthwhile to continue the session without changing any settings. Verify with the patient that they are comfortable with the status of the video, and continue if they are willing.
Should the problem get to the point where it must be resolved, first close down any extra background applications that may be using system resources, especially if they also require large amounts of bandwidth. If that does not resolve the issue, communicate with the user that you will be restarting the application, and ask that they do the same. Exit the application and restart it, then initiate a new video call. If that does not fix the problem, there may be other network issues, in which case users should treat this as a connectivity problem and resolve it accordingly.
Sometimes there will be no video at the start of a videoconference. If this is the case, check to make sure that the web camera is plugged in. Should the problem continue after the camera is plugged in, ensure that it is selected as the video input for the application in the settings and options menu. If the problem continues, you may want to consider ending the call and following up either via the phone or in person. The lack of video may be a concern in some settings because it removes one of the authentication features of desktop videoconferencing: the ability to see the other user to verify their identity.
Audio Problems
Poor audio quality can be an extremely frustrating problem, oftentimes to a greater degree than a bad video signal. Examples of these problems include “garbled” audio that is unintelligible, “delayed” audio where the audio does not come through for several seconds and then is played back at a faster or out-of-sync rate, audio feedback, quiet audio, and no audio.
Garbled and delayed audio are both typically the result of connectivity problems, and rarely occur unless there are also significant video problems at the same time. These problems should be treated as network connectivity issues.
Audio feedback can range from hearing an echo of your own voice to a swelling, high-pitched noise that results from the microphone picking up and playing back the audio from the speakers. Both of these issues stem from either having the speakers up too loud or too near the microphone. Note that some microphones are more prone to picking up feedback signals than others, and that this problem may be especially pronounced in laptops with built-in microphones and speakers.
The problem of feedback can be resolved in a couple of ways. First, try turning down your speaker volume and have your patient do the same. If the problem persists, attempt to turn down the sensitivity of the microphone by going to the settings and options menu. Should neither of those options resolve the problem, use headphones and consider purchasing a better webcam or microphone.
Terminating Accounts
Eventually an account will need to be turned off: a user leaves the organization, patients are no longer engaged in active sessions, or new tools are brought on board that replace existing implementations of consumer-grade products. Having a plan in place – possibly as an extension of other account-creation policies and procedures – will make for an easier process when the time inevitably comes. Note that some of these steps may vary depending on organizational policies and decisions.
Provider Leaves the Organization
When a provider leaves an organization, several things may be done to close their account, depending on the product being used. If the software has a management interface, deactivating the account should be a simple matter that involves no interaction with the provider.
Products that do not include a management interface pose a different problem. As the username and password are created and managed by the provider, it will require their cooperation to deactivate their account. If possible, have the user delete their account as a part of their exit process. This is where it is especially useful to have created a work account that is separate from their personal account.
Note that not all products provide an easy or clear way to delete an account, which may pose a problem when trying to clear personal information from any personal computers.
Patient No Longer Receiving Treatment
If your organization was managing the patient’s account through a management interface, simply deactivate their account. If the account was created and managed by the patient and there is a need to block the patient from further video communications with your organization, it is possible to select the username and block incoming calls from them.
New Technology Implemented
If a new technology is implemented that will replace an existing desktop videoconferencing application, a transition plan should be put in place that allows users to migrate their existing contact information and close their accounts. There is not currently an easy way to migrate from one platform to another, and this is likely to be a challenging undertaking that will require extensive coordination and training of your users.
Summary
Desktop videoconferencing with consumer-grade applications has created a new way of communicating within your organization and beyond. This newfound ability to connect introduces the need to safely and effectively administer and control communication. By putting effort into a planning process, it is possible to develop a series of policies and procedures that will help manage the new workflows, risks, and opportunities presented by this changing technology.