Using Zoom's Epic integration
The Zoom integration with Epic enables healthcare organizations to launch Zoom from within an Epic video visit workflow. Using context-aware linking in Epic, a link to a Zoom video session can be placed in an Epic appointment. This enables Epic users to easily use Zoom and the Epic EHR in a streamlined side-by-side workflow.
Physicians can go into their video visit appointments in Hyperspace and launch directly into the video visit in Zoom. They will continue to document in Epic while performing the video visit. Patients can launch into Zoom from their MyChart Patient portal on their personal computer or mobile device.
If you want to learn more about the Zoom/Epic Telehealth integration or would like more information on telehealth in Epic, please reach out to your Ambulatory TS.
If you need more information on the FHIR version, refer to the Epic FHIR integration guide.
Note: With the deprecation of JWT authentication in September 2023, an account admin should migrate to authenticating the Epic integration with OAuth.
Requirements for the Epic integration
- A paid Zoom account
- Account owner or admin with privileges to add and configure this integration
- Contact with your Epic technical representative
- A licensed Zoom user to be used as the “Default Host” for telehealth meetings
Note: Licenses must be assigned for each provider that will make telehealth calls - The Join Before Host and Waiting Room features unlocked at the account level
How to add and configure the Epic integration
Add Epic from the Zoom Marketplace
- Sign in to the Zoom App Marketplace with your Zoom owner or admin account.
- In the top-right corner, search for Epic and click the app.
- Click Add.
- Confirm the permissions the app requires, then click Allow.
An admin on your Epic account will need to complete the following steps for configuration.
Configure Epic
In order to obtain some of the configuration information, you will need to be in contact with your Epic technical representative for help on building the FDR links and workflow.
Note: Follow the below steps only if you have earlier used JWT app to copy Api Key & Secret, and are reinstalling the Epic app. If not, please skip these steps.
- Sign in to the Zoom App Marketplace with your Zoom developer account.
- In the top-right corner, click Manage.
- In the navigation menu, click Created Apps.
- Click your developer.zoom.us API (JWT).
- Click App credentials.
- Copy your API Key and API Secret for use as Encryption Key and Secret in a later step.
- Once you have added the Epic app, configure the following fields:
- Default Host User Email: This email address will be the default user that the Zoom meeting will be hosted for. Once the provider joins the meeting, they will become the host.
- Provider User Type: The Zoom plan assigned to provider accounts when a user is automatically created as part of joining a telehealth meeting.
- Encryption Key: The Zoom API Key. This must be from a paid account and the same Key configured in the Epic system.
- Encryption Secret: The Zoom API Secret. This must be from a paid account and the same Secret configured in the Epic system.
- Epic Environment: Select Test if will be used with an Epic test environment or select to Production if will be used in a live Epic production environment.
- Default Patient Admittance Policy: Select Automatically enter the meeting when the provider joins if the patient should enter the meeting automatically when the provider joins the meeting. Select Be manually admitted to the meeting by the provider if the patient should be admitted into the meeting manually by the provider.
- Authorization Type
- No Authorization: Select this if no authorization is required for Epic notifications.
- Basic Authorization: Select this to use basic authorization for Epic notifications and enter the auth name and password:
- Auth Name: The user name of an Epic account that will be used for notification authorization if basic authorization is enabled.
- Auth Password: The password of an Epic account that will be used for notification authorization if basic authorization is enabled.
- Epic Connection Status Endpoint URL: Enter the URL from the Epic system where the Epic patient/provider join/leave notifications are to be sent to.
- Epic Device Test Endpoint URL: Enter the URL from the Epic system where the device test results notifications are to be sent to.
- Device Test Help Endpoint URL: Enter the URL where patients should be directed to when they click the help URL while running a device test.
- Customize Launch Page: This allows the configuration of the text and image displayed when a patient joins a meeting before the host joins.
- Custom Text: Enter the custom text that will be displayed to participants on the meeting launch page.
Note: The text can be a maximum of 256 characters. - Custom Logo: This allows the uploading of a logo that will be displayed on the meeting launch page.
Note: The image can only be in a png or jpg file format, a max file size of 2 MB, and a maximum dimension of 800 x 600.
- Click Save Changes.
Re-authenticate with OAuth
With OAuth support for the Epic Zoom App and the deprecation of JWT authentication in September 2023, Epic admins can follow these steps to migrate from JWT to OAuth authentication.
- Sign in to the Zoom App Marketplace as the account administrator.
- In the top right of the page, click Manage.
- In the navigation menu, click Added Apps.
- Click the Epic app.
- Click Update.
You will be prompted to authenticate with your Epic account. - Provide access to the requested permissions. When authentication is complete, you will return to the Epic marketplace page.
How to use the Epic Integration
- When a provider or patient launch the URLs, Epic will be passing some key information (org id, user type, session id, user id) to Zoom over an exclusive encrypted Telehealth API. Zoom will auto-launch a video session based on attributes that are passed from Epic; there is no need to schedule these video visits in Zoom.
- If a patient joins the video visit before the provider, they will see a message “waiting for the host to start this meeting” and will be placed in the video session when the provider joins.
- When a patient launches the session, Zoom auto creates an encrypted password for that session – no one can join that session just with a Zoom meeting ID.
- If a patient drops out of the session, they can rejoin as long as the provider is still in the session.
- When a patient joins the session before the provider, the provider gets a notification from within Hyperspace.
Data security
- Zoom helps enable HIPAA compliance.
- All communications between Zoom and Epic as well as Zoom video sessions are encrypted with AES-256 bit encryption.
- Zoom video visits launched from Epic are dynamic password protected.
- All of your account level settings are applicable for your video visit sessions. That means you can disable recordings, annotations, and more as needed for security reasons.
- When a video visit occurs, Zoom accounts are automatically created for patients and providers using information contained in the Epic FDI records. Patient accounts are automatically deleted when the video visit completes. Provider accounts (identified by email ending in “@zoomtelevisit.com”) can be manually deleted by an administrator in User Management in the Zoom web portal.
This app accesses and uses the following information from your Zoom account:
- User first and last name: If an email is provided to Zoom for a video visit, the corresponding Zoom account first and last name will be displayed during the video visit meeting.
- Meeting settings: The account-wide meeting settings and/or the default host’s meeting settings will be used when creating a video visit meeting.
- Meetings info: When a patient or provider joins a video visit, existing meetings are queried to determine if an existing meeting should be used or a new one should be created (to ensure all participants join the same meeting).
This app accesses and uses the following information from your Epic account:
- Session ID: used to uniquely identify the epic video visit session when reporting patient and provider meeting connection status (connected/disconnected) to Epic.
- Epic user ID: used to uniquely identify the patient or provider when reporting patient and provider meeting connection status (connected/disconnected) to Epic. Also used when automatically creating a Zoom account for the video visit meeting.
- User first and last name: used when automatically creating a Zoom account for the video visit meeting. Also displayed during the video visit meeting.
- Epic launch code: when OAuth is enabled it is used to retrieve the Epic OAuth access token which is then used to authorize sending connection status notifications to Epic.
- User email: if configured to be provided to Zoom, email is used to find the user’s Zoom account which would then be used for the video visit meeting.
- User type: used to identify if the user is a patient or a provider. It is also included in the connection status notifications sent to Epic.
- Zoom Room name: for Epic monitor calls, it is used to identify the Zoom Room to be called.
Troubleshooting Epic integration issues
Epic green light issue
A provider using Epic’s Hyperspace or other client can know when a patient joins the telehealth meeting by a green light that lights up. If there are problems with the green light not working correctly, there are notification records that can be used to help diagnose the cause.
To access the notification records screen:
- Sign in to the Zoom App Marketplace with your Zoom account.
- In the top-right corner, click Manage.
- In the navigation menu, click Added Apps.
- Locate and select the Epic app.
- Click Manage, then click Configure.
- Click the Notification Records tab.
- Enter the Zoom meeting ID of the meeting that the green light was not working properly for, then click Search.
A list of notification records should appear. Each row in the table corresponds to a notification that is sent to Epic telling it when patients and providers join and leave the meeting.
The RespCode column indicates if the notification was successfully handled by Epic. When successful, a 200 will be displayed for each record. A value other than 200 indicates there is a problem with the notifications reaching Epic which can cause the green light to not work properly. Some things to check if there are problems:
- Depending on the authorization type enabled in the Epic integration configuration, confirm the “Endpoint URL” or “Endpoint Domain” is correct
- If an IP allow list is used, verify that all the Zoom IP addresses that can originate the notification are included in your network allow list. The list of IP addresses can be found on Zoom’s network firewall or proxy server settings page (network firewall TCP addresses)
- Verify the FDI records on Epic are setup correctly
For additional help or technical support, submit a request to Zoom Support.