Is Telehealth Secure?


With the pandemic dominating healthcare right now, telehealth has become a hot topic in the industry. How can we care for patients while maintaining the safety precautions needed to shield ourselves from the virus? Two-way remote communication and monitoring have made healthcare possible when lock-down regulations are in place. 

Some of the biggest concerns about telehealth, however, lie in areas of data security. How can medical professionals know that their patients’ information is being protected, or that they are conducting visits in a HIPAA compliant way? The good news is that many video conferencing platforms have already deemed themselves HIPAA compliant. 

HIPAA Compliant Platforms

According to the U.S. Department of Health & Human Services, “OCR will exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency.  This notification is effective immediately” (1).

The list below includes some vendors that advertise that they provide HIPAA-compliant video communication products and that they will enter into a HIPAA BAA.

  • VSTConnect
  • Skype for Business / Microsoft Teams
  • Zoom for Healthcare
  • Google G Suite Hangouts Meet
  • GoToMeeting

You can find additional educational materials to help you learn more about the HIPAA Security Rule and other sources of standards for safeguarding electronic protected health information (e-PHI) here (2).

Cyber Security

But what about cyber security? As with anything digital, there comes the risk of system interference and hackers. The concept of hacker intrusion in telemedicine can be especially concerning for a variety of reasons. For one, a hacker can modify test results, causing an incorrect diagnosis for the patient. Hackers can also cause equipment failure which could create a life threatening situation for a patient who is relying on on specific medical care. Control of a doctor’s computer could also be taken over. Test results displayed on screen could then be altered, which could begin a false track of communication that might be difficult to trace and correct (3). 

 If telemedicine becomes healthcare’s “new normal”, how are these potential risks being dealt with? Trusted third party security systems are one way hospitals can rest assured their patients will be safe being monitored by telehealth systems. These security systems will often use encrypted virtual tunnels to transfer information between the patient’s equipment and the doctor’s console (3).

However, sometimes the quickest, and most reliable form of security is the detection of a problem by a doctor or medical professional handling the patient’s information. “It is essential to educate medical and telemedicine professionals about the new risks and symptoms of a cyberattack,” says Robert Wakim, Offers Manager at Stormshield, a company specializing in security equipment (3). If the hospital staff is educated, and well aware of cyber risks and how to notice them quickly, this could prove to be more effective than any security system a facility invests in. 

Telehealth will vastly improve the healthcare system as we know it today. It will simplify patient monitoring and communication and is on the path to become the most efficient, helpful, and secure tool in the industry. Telehealth doesn’t totally erase human need, but rather acts as a tool, increasing the capacity and abilities of any facility. 

If you’re interested in looking into a platform for your facility, consider our platform, VSTConnect—a remote monitoring platform with vitals monitoring and two-way communication! Visit our webpage to learn more at virtusense.ai/vstconnect/.

 

Sources:

  1. https://www.hhs.gov/hipaa/for-professionals/special-topics/emergency-preparedness/notification-enforcement-discretion-telehealth/index.html
  2. https://www.hhs.gov/hipaa/for-professionals/security/guidance/index.html
  3. https://www.stormshield.com/news/why-telemedicine-represents-a-cybersecurity-risk

Sign Up to Recieve New Blog Posts

Email

Share this article: