Covid poses "greatest threat to mental health since the second world war." Learn more about how we're supporting people during this challenging time.
Restoration Therapy's video portal is provided by Power Diary and is designed to provide health practitioners with a safe, secure, compliant and simple way to conduct video sessions with their patients.
Here's some specific information about the security features of our Telehealth functionality:
This is a framework that allows browsers to securely send and receive live data to each other. Telehealth's system is designed so that in nearly all circumstances data does not pass through any third-party servers.
Power Diary has created secure Telehealth 'rooms' for each client, along with a special key to access the room. When you and our counsellor both enter the room, Power Diary 'introduces' our browser and your's. This introduction enables both browsers to identify and agree on how to best talk to each other. This happens automatically and usually in less than a second. The two browsers then develop a secure, encrypted, and direct connection with each other, which allows for video, audio and other data to be sent back and forth, i.e. your video call begins.
As the call data is being exchanged between you and Restoration Therapy's browsers, data is not being streamed via any server, nor any other media streaming services that could decrypt the data. This not only helps ensure optimal call quality but ensures that the content of your video call remains between you and us.
Importantly, to further enhance security and privacy, Power Diary does not use any white-labelled third-party video conferencing systems for the Telehealth service. None of your information, nor the secret key to access the room is shared with other parties.
Both during the 'introduction' phase and during video calls all data exchanged is encrypted. During the call all video, audio and other related data exchanged between the call participants are encrypted using DTLS-SRTP. This provides key security benefits including;
In rare circumstances, if either end has a corporate firewall in place, the networking configuration can cause problems with setting up the peer-to-peer connection. This is a very small proportion of users. In that case only, the system will use a relay server which will take the encrypted video and audio and route it via something called a TURN server. Importantly a TURN server doesn't understand or have the ability to 'peek' into what it's actually routing. The encryption remains end-to-end, having being set up directly between your computer and our's.
Because the call data is being encrypted and exchanged directly between the browsers of the call participants, no one, including Power Diary can access the call data. Once the call has been established, the call data never passes through their servers or infrastructure.
Yes, Power Diary's Telehealth functionality has been designed and built to comply with the privacy and security requirements of the primary jurisdictions that we operate including Australia, United Kingdom, United States of America, Canada, South Africa, New Zealand, and countries within the European Union (and European Economic Area).