Okay, so not all of us use FaceTime for sleazy video calls, but either way, you’ll be glad to hear that your FaceTime calls really are encrypted — just like Apple promised back in July 2010 — as long as you use the right type of connection. Shortly after the release of FaceTime last year, the Cupertino company responded to allegations that FaceTime video calls were not encrypted and ensured users that this was not the case. That didn’t stop one IT professional with a local County government from asking ZDNet for confirmation, however.
The user, who has not been named, wanted to know if Apple’s iPhone and iPad were HIPAA compliant, and therefore eligible for government funds. Any device that isn’t HIPAA compliant isn’t eligible for government grants in the healthcare industry, as strong encryption is seen as the only means of protecting systems from unauthorized access.
ZDNet contacted Apple, who issued the following response:
iPad supports WPA2 Enterprise to provide authenticated access to your enterprise wireless network. WPA2 Enterprise uses 128-bit AES encryption, giving users the highest level of assurance that their data will remain protected when they send and receive communications over a Wi-Fi network connection.
In addition to your existing infrastructure each FaceTime session is encrypted end to end with unique session keys. Apple creates a unique ID for each FaceTime user, ensuring FaceTime calls are routed and connected properly.
Basically, this means that as long as your iOS devices are hooked up to a connection using WPA2 Enterprise security, they are HIPAA compliant. WEP connections, however, aren’t so safe, according to ZDNet:
One thing’s for sure: WEP is out, and you should avoid mentioning that swiss cheese security protocol around your friends at the U.S. Department of Health and Human Services — if you want a check from the Feds, that is.