Covid poses "greatest threat to mental health since the second world war." Learn more about how we're supporting people during this challenging time.

Learn More

Covid poses "greatest threat to mental health since the second world war." Learn more about how we're supporting people during this challenging time.

Video portal: security, privacy and compliance

Restoration Therapy's video portal is provided by Power Diary and is designed to provide health practitioners with a safe, secure, compliant and simple way to conduct video sessions with their patients.

Here's some specific information about the security features of our Telehealth functionality:

How does it work?

  • Our Telehealth functionality uses WebRTC technology that is built into modern web browsers.

This is a framework that allows browsers to securely send and receive live data to each other. Telehealth's system is designed so that in nearly all circumstances data does not pass through any third-party servers.

Power Diary has created secure Telehealth 'rooms' for each client, along with a special key to access the room. When you and our counsellor both enter the room, Power Diary 'introduces' our browser and your's. This introduction enables both browsers to identify and agree on how to best talk to each other. This happens automatically and usually in less than a second. The two browsers then develop a secure, encrypted, and direct connection with each other, which allows for video, audio and other data to be sent back and forth, i.e. your video call begins.  

As the call data is being exchanged between you and Restoration Therapy's browsers, data is not being streamed via any server, nor any other media streaming services that could decrypt the data. This not only helps ensure optimal call quality but ensures that the content of your video call remains between you and us.

Importantly, to further enhance security and privacy, Power Diary does not use any white-labelled third-party video conferencing systems for the Telehealth service. None of your information, nor the secret key to access the room is shared with other parties.

Are Telehealth Calls Encrypted?

  • Power Diary's Telehealth functionality is a peer-to-peer connection and is encrypted end-to-end.

Both during the 'introduction' phase and during video calls all data exchanged is encrypted. During the call all video, audio and other related data exchanged between the call participants are encrypted using DTLS-SRTP. This provides key security benefits including;

  • Integrity (preventing interference in data during transmission)
  • Authentication (enabling all parties to authenticate the identity of the other)
  • Privacy (ensuring that all call data exchanged between browsers is encrypted end-to-end and therefore can not be intercepted and interpreted by others.) 

In rare circumstances, if either end has a corporate firewall in place, the networking configuration can cause problems with setting up the peer-to-peer connection. This is a very small proportion of users. In that case only, the system will use a relay server which will take the encrypted video and audio and route it via something called a TURN server. Importantly a TURN server doesn't understand or have the ability to 'peek' into what it's actually routing. The encryption remains end-to-end, having being set up directly between your computer and our's. 

Can Telehealth calls be monitored by any third party, including Power Diary?

  • Our Telehealth solution complies with ' No vendor access' privacy requirements.

Because the call data is being encrypted and exchanged directly between the browsers of the call participants, no one, including Power Diary can access the call data. Once the call has been established, the call data never passes through their servers or infrastructure. 

Does Power Diary store Telehealth call data?

  • Absolutely no audio, visual or other content exchanged during your Telehealth call is stored by Power Diary. We do not ever have access to this content.  

Is Power Diary's Telehealth functionality HIPAA Compliant?

  • Yes, the security features of our Telehealth functionality comply with all relevant HIPAA requirements. 

Is Power Diary's Telehealth functionality GDPR Compliant?

  • Yes, our Telehealth functionality complies with all GDPR requirements. 

Is Power Diary's Telehealth functionality compliant with the Privacy and Security principles of my country?

Yes, Power Diary's Telehealth functionality has been designed and built to comply with the privacy and security requirements of the primary jurisdictions that we operate including Australia, United Kingdom, United States of America, Canada, South Africa, New Zealand, and countries within the European Union (and European Economic Area).

I have another question about telehealth security, privacy and compliance - can you answer it?

  • Yes - most definitely!  Email Power Diary at support@powerdiary.com and ask them anything.
Read more

Other resources

Be the best version of you
Our mission is to enable this
Online & COVID-19 friendly
Book your first appointment
Fast and secure payments
We help individuals who are struggling to manage life’s challenges by providing therapeutic support to be the best version of themselves.
Copyright © 2020 Restoration Therapy. All rights reserved.
Be the best version of you
Our mission is to enable this
Online & COVID-19 friendly
Book your first appointment
Fast and secure payments
We help individuals who are struggling to manage life’s challenges by providing therapeutic support to be the best version of themselves.
Developed and managed by Ark Digital Agency.
Copyright © 2020 Restoration Therapy. All rights reserved.
Developed and managed by Ark Digital Agency.
Copyright © 2021 Restoration Therapy. All rights reserved.
lockcartclockcross