Lifesize Healthcare Solutions and HIPAA Compliance

What is HIPAA?

HIPAA stands for Health Insurance Portability and Accountability Act of 1996.

HIPAA is a federal law that requires healthcare plans, healthcare clearinghouses and most healthcare providers (all known as Covered Entities) to implement certain privacy and security protections for individually identifiable health information (known as “protected health information” or PHI). HIPAA, as modified and expanded by the Health Information Technology for Economic and Clinical Health (HITECH) Act, also mandates that Covered Entities contractually require their “Business Associates” with access to PHI to implement HIPAA’s privacy and security protections.

HIPAA includes both the Privacy Rule and the Security Rule. The Privacy Rule, a federal law, gives individuals rights over their health information and sets rules and limits on who can look at and receive it. The Privacy Rule applies to all forms of individuals’ PHI, whether electronic, written or oral. The Security Rule, a federal law that protects health information in electronic form, requires entities covered by HIPAA to ensure that electronic PHI (ePHI) is secure. The Privacy and Security Rules focus on information safeguards and require Covered Entities and Business Associates to implement the reasonable and appropriate means to secure and protect health data.


Lifesize video conferencing products and services, including cloud video conferencing, are aligned with customers seeking to comply with HIPAA.

While there are no official government or industry certifications for HIPAA compliance, Lifesize has reviewed HIPAA privacy and security requirements and aligned its products, policies and procedures to support customers in accordance with HIPAA.

Lifesize customers who are required to comply with HIPAA must have a services agreement with Lifesize (including a Lifesize Cloud Terms of Service agreement). If appropriate, Lifesize may sign a HIPAA Business Associate Agreement (or BAA) with such customers.

Because each Covered Entity or Business Associate must determine and maintain its own compliance with HIPAA, Lifesize customers retain responsibility for HIPAA compliance and must configure Lifesize products and services and enforce policies for use within their organizations to fully comply with HIPAA.

Technical safeguards for Lifesize video conferencing products include AES encryption of data streams (both video and audio), which is standards-based H.235 encryption and interoperable with systems that follow this standard, system access controls and password protection in the user and administrator preference menus. The efficacy of some of these safeguards depends on human behavior—Lifesize customers must enforce policies and standards on password handling and other protections to maintain the safeguards.

NOTE: Lifesize enables customers who are subject to HIPAA to leverage Lifesize’s secure environment to transmit protected health information (PHI) during real-time video conferences among participants who can legally receive such PHI. However, customers should not use Lifesize’s services to record or store PHI. Customers must ensure that all recording features, including Lifesize Record & Share, Live Stream and Chat, are not used for PHI. These features may only be used for purposes unrelated to PHI. A customer’s account administrator may elect to disable these features to ensure they are not used for PHI by the customer’s account users. For assistance with disabling account features, please contact a Lifesize customer support advocate.

Austin, Texas, USA
+1 512 397 9300
Toll Free US +1 877 543 3749

EMEA Regional Officer
Munich, Germany
+49 89 20 70 76 0
Toll Free Europe
+00 8000 999 09 799

APAC Regional Office
+65 6631 2831


© 2021 Lifesize, Inc. All rights reserved. Information contained in this document is subject to change without notice. Lifesize and the Lifesize logo are registered trademarks of Lifesize, Inc. All other trademarks are the property of their respective owners.


Need more help?
Contact one of our local sales representatives.