Authority figures oppose the use of Skype for online therapy


“Skype is not looking after the privacy of your client data, therefore it shouldn’t be used to communicate about mental health issues.”


Kate Anthony - Skype is not appropriate for online work
Dr. Kate Anthony
  • Leading world expert in the use of technology for mental health
  • Fellow of the BACP (British Association for Counselling and Psychotherapy)
  • Co-Founder of the Online Therapy Institute.
    Full Bio

“Anyone who uses Skype has consented to the company reading everything they write.”


The H-Security Team - Skype with care, Microsoft is reading everything you write
The H-Security Team
  • ‘Skype with care – Microsoft is reading everything you write’
  • Read the article

“Microsoft is reading Skype messages”


Naked Security - Microsoft is reading Skype messages
Naked Security

“If you opt to use Skype to communicate with patients, be aware of the risk that HIPAA rules may be violated.”


American Psychological Association Practice Central
  • 'Does the use of Skype raise HIPAA compliance issues?'
  • Written by The Legal and Regulatory Affairs staff at the American Psychological Association (APA) Practice Organisation
  • Read article

“Skype is not a business associate subject to HIPAA nor have we entered into any contractual arrangements with covered entities to create HIPAA compliant privacy and security obligations.”


Harvey Grasty

Report Overview


"PlusGuidance is a HIPAA compliant, highly secure platform that is now free for therapists to do online therapy via video call, voice call and instant messaging with their clients."


Nathaniel Smithies
  • Founder & Chief Executive Officer
  • September, 2015
  • Sign-up here

Introduction

Because we are so familiar with Skype, we have come to trust it. This is why it is important to evaluate the evidence behind its security and confidentiality; particularly with regards to its role in healthcare.

Skype and other telecommunication platforms are being used by therapists and counsellors (amongst other healthcare practitioners) to carry-out treatment at a distance. It is easy-to-use, readily available, has free and paid services, and connects users to approximately 600 million people worldwide. The reasons behind Skype’s high use are mainly due to it being free for Skype-to-Skype user calls, but the consequences of this are undetermined.

In May 2013, Naked Security published a report titled “Microsoft is reading Skype messages” and showed that URLs are embedded in a Skype conversation meaning Microsoft has access to an unencrypted form of messages.

Skype and Standards


HIPAA compliance legislation has been introduced in America as a set of strict standards that all healthcare providers legally have to comply to. It has become the gold standard of security and privacy for health practices across the world.

Because Skype is not established as a healthcare service provider, it has no agreements or obligations to the therapists and clients that use their site. These agreements are essential to be HIPAA compliant, but more importantly this lack of obligation leaves clients vulnerable to mistreatment and their health information being misused.

Skype is not HIPAA compliant, as a spokesman recently commented: “Skype is not a business associate subject to HIPAA nor have we entered into any contractual arrangements with covered entities to create HIPAA compliant privacy and security obligations.” Harvey Grasty, Skype representative.

Why is it important to be HIPAA compliant?

Protected Health Information (PHI) is any information about health and treatment that is linked to a specific individual. HIPAA compliance ensures that the PHI of every individual (under the covered entity) is secure and protected. HIPAA compliance means that PHI is not misused or distributed, and that is remains intact. It ensures PHI is monitored and reviewed, and that security measures remain effective.

The Legal and Regulatory Affairs staff at the American Psychological Association (APA) Practice Organisation also point out the issues related to Skype when considering online therapy:

“Some organizations recommend not using Skype and similar Web-based platforms because of concerns related to HIPAA requirements.
The bottom line: If you opt to use Skype to communicate with patients, be aware of the risk that HIPAA rules may be violated.“

In 2014 the APA also released a Resource Document on Telepsychiatry and Related Technologies in Clinical Psychiatry. Should you choose to overview their notes on different online therapy practices you can download the document here.

Further limitations of Skype

In addition to the issues of security and privacy, there could be arguments about the feasibility of using Skype in relation to other areas of your practice.

Skype is only a telecommunication tool. You can’t receive payments through Skype and you can’t manage your billings and invoices. This is of utmost importance to have in order to avoid any issues related with tax and insurance.

The standard indemnity insurance used for your in-person practice will likely not cover the work you do on Skype. If your current policy does not cover online work you could just expand your coverage. But there is an issue: many insurance providers will not cover Skype therapy. Generally, if your insurance company hasn’t traditionally covered telephone services, they will most likely not pay for Skype sessions and any other non-HIPAA-compliant video online service.

Simplify your practice with PlusGuidance