Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

HIPAA compliance at Lehigh University is limited to a few specific areas on campus. If Zoom is used in these sensitive areas then these settings are mandatory and must be configured by the individual user.

Individual responsibilities for Zoom configuration in HIPAA-Compliant Settings Only:

  1. Open Web Browser → https://www.zoom.us/web/sso/login?en=signin#/sso

    1. Enter the following for company domain: lehigh

    2. Enter username and password credentials and click Login

  2. Located on the left menu pane: select Settings

    1. Navigate to security: select "Waiting Room". This will allow users to enable a virtual staging area that prevents people from joining a meeting until the host is ready. Meeting host(s) can then admit people in the Waiting Room individually or all at once. This reduces the risk of unauthorized participant(s) from joining the meeting.

    2. Scroll down within security section and enable the following: "Allow use of end-to-end encryption". Click Enable.

    3. Scroll down to "Default encryption type" and select the following: End-to-end encryption. Click Save.

    4. Scroll down to "Only authenticated meeting participants and webinar attendees can join meetings and webinars" and select to enable authentication functionality.

    5. Scroll down to "Only authenticated users can join meetings from Web client" and select to enable reinforce web authentication functionality.

    6. Scroll down to "Block users in specific domains from joining meetings and webinars" and enable functionality. Add domains and click Save.

    7. Scroll down to "Meeting chat" and disable (e.g., select slider) to not allow meeting participants to send chat messages. Click Disable.

    8. Scroll down to "Screen sharing" and disable functionality.

  3. In an Active Meeting Only: Click on Host tools and select Lock Meeting feature in order to prevent any other participants from joining the meeting. See screenshot below.

Lock_Meeting.png
  1. HIPAA-Best Practice: Adopt and follow as a best practice limiting the transmission of ePHI data to a minimum.

  2. Two-Factor Authentication Verification Only: Verify with your organization (e.g., LTS IS) that Zoom’s Two-Factor Authentication is enabled to protect users against security breaches.

  • No labels