You might have noticed that I talk a lot about different activities and interventions that therapists can do via telehealth, including games that you can play online with your clients. There are, of course, privacy concerns that we must keep in mind in order to provide legal and ethical telehealth services. This is something I speak about at length in the telehealth trainings I have done but have not yet addressed in the blog.

When I conduct a telehealth session, I use either Zoom or my electronic health record, TherapyNotes. I have the HIPAA-compliant version of Zoom created for healthcare providers, and TherapyNotes is a fully HIPAA-compliant system. Sessions have end-to-end encryption that ensures privacy and confidentiality of all information exchanged during the session.
The various websites with online games that can be played in telehealth sessions do not use encryption. The private game rooms themselves are not encrypted. Because of this, I do not use any communication features in those game rooms. If a client wants to use text chat to talk to me, I let them know that they must use Zoom’s encrypted chat feature and not one on the website. If the website asks for names, we use first name only or false names.
Nothing in the game room indicates that the game is part of a therapy session. If someone were to access a private room, they would simply see that someone was playing the game. Most sites that use private game rooms have an option to play with a random stranger, so if someone viewed the room they would not even know for sure whether or not the players have any connection other than being randomly assigned to each other.
If you use these activities, make sure your clients understand that they are only to use the game room for playing the game and not to use any chat features.
Always, always, always maintain confidentiality and uphold HIPAA standards!