Get Live Chat Request a Callback Get live demo

← Back

Protect your Patients & Practice from Telehealth Zoombombing


Security & Privacy Concerns with Zoom Platform

AdvancedMD and our telehealth partner, Zoom, are equally committed to the security and privacy of the patient-provider relationship and associated information. Over the past few days there have been reports in the media about security and privacy vulnerabilities in Zoom. Our security and R&D teams have been following this issue closely and continue to track news on this issue. It’s our commitment to provide updates on fixes and preventative measures as they become available.

Below you will find information regarding concerns currently in the media, an update AdvancedMD previously made to address concerns, and what you can do to help keep your telehealth visits secure.

Read more about information specifically addressing Zoom’s efforts to address privacy and security vulnerabilities.

What are the security and privacy concerns with Zoom?

There are two major issues that have been broadly reported. Zoombombing is the term for crashing into a Zoom meeting. There are two ways this vulnerability can impact our customers:

  • A malicious actor could happen to identify an ID for an ongoing telehealth call, and then join the call directly or share the meeting ID with a large group of people who could then Zoombomb the call.
  • An innocent person could inadvertently transpose numbers in their own meeting ID and accidentally join a telehealth call.

These options are highly unlikely for the type of Zoom meetings used within AdvancedMD telehealth as each meeting is created with a new and random meeting ID.

To further protect your telehealth visits, yesterday AdvancedMD updated all telehealth sessions so a chime rings any time anyone enters and exits the session. This is now a default setting. This setting should be left selected by the provider.

What further efforts should you do?

  • Providers should lock telemedicine meetings. To lock a meeting, go to Manage Attendees > More > Lock Meeting after the Zoom meeting launches, and all participants have entered the meeting.
  • Providers and patients should download the latest version of Zoom which will apply and enable this security fix. Zoom users are prompted after each meeting to update the Zoom client if a new version is available.
    Please note: On April 1, 2020 it was reported in news media that once a hacker joins a Zoom meeting, the hacker can use a specially-crafted link to steal users’ Windows credentials. This vulnerability was patched on April 1 and is no longer an issue.
  • Require providers to admit attendees (automatic security enhancement). To enhance security in our telehealth feature, we have enabled a new setting in Zoom called Waiting Room. This change requires the provider to admit all attendees to the call. The admit process is simple and can be done directly after starting the visit session. If needed, the provider can also remove attendees. This increases security and privacy against malicious Zoombombing attacks. Prior to this enhancement, anyone in the telemedicine waiting room could automatically join the meeting.

Topic: Telemedicine

Other Resources Related to This Topic

Patient Experience

The State of Telehealth in 2024

The adoption of telehealth has exploded over the past few years with more independent practices...


2024 Winter Release On-Demand Webinar

We’re excited to share the new features and many enhancements to our practice management, EHR,...


The Current State of Telehealth in Ambulatory Care

Since 2020, the healthcare industry has widely adopted the use of telehealth or virtual appointments....

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›
Estaban Lavato, MD - La Loma Medical Center

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›