By Bent Philipson
In the late-1950s, the Nebraska Psychiatric Institute and Norfolk State Hospital set up a closed-circuit television link between their facilities to conduct psychiatric consultations from afar. This was probably the first and most famous use of hospital-based telemedicine.
Telehealth has undergone many transformations since then, but the end goal has always remained the same. As one landmark publication put it: “Information technology must play a central role in the redesign of the health care system if a substantial improvement in quality is to be achieved.”
So why does it feel like we’re just now tapping into telehealth’s potential?
The healthcare sector is fully aware of telemedicine’s transformative power, yet many in the industry have chosen to sit on its widespread adoption, perhaps saving it for a ‘rainy day.’ As to why this is, there isn’t one answer. But that rainy day has finally come under the guise of a global disease outbreak. The COVID-19 pandemic shoved the industry into survival mode, and telehealth became their life float.
Now that more healthcare facilities have begun working telemedicine into their services, 46 percent of patients can take advantage of this virtual platform. This is compared to the 11 percent of patients who were using telehealth before the pandemic.
Digitalization in the healthcare industry is becoming the new norm. It provides more affordable, efficient care options and extends providers the opportunity to better serve a larger number of patients in a shorter period of time. Virtual care practically eliminates waiting periods, ensures appointments are fulfilled on time, and improves a patient’s quality of life. Telemedicine not only reduces the causeless spread of disease, but it allows physicians and nurses to better care for their patients.
Yet, while telehealth has undeniable strong points, there are still vulnerabilities in its adoption. One of the greatest is the ongoing battle to ensure the secure transfer and storage of patient medical records and personal data. Below are some of the top security concerns facing telemedicine and why its success hinges on our ability to overcome these challenges.
Though clinicians are urging patients to take advantage of telemedicine, the objective isn’t to skip over quality measures. Despite the critics, virtual assessments have proven their effectiveness and have established themselves as viable platforms for physicians to diagnose various health ailments, such as bronchitis, strokes, dementia, and more.
After assisting their patients through questionnaires and examinations, physicians can make the most informed decisions for how they will continue to monitor and treat each one of their patients’ conditions. This makes preventive and comprehensive care possible, but it also allows healthcare staff the ability to better customize their treatment plans for individual patients and more easily share this information with all necessary parties.
This is where the dangers arise. Digitally storing patient data is great for accessibility and convenience, but there is always a chance — even if it’s slim — for hackers to gain access to this information. 2019 was a record year for data breaches, with patient records from over 12 percent of the population being “exposed, impermissibly disclosed, or stolen.” Hacking and IT incidents made up almost 60 percent of these breaches, while unauthorized access and disclosure made up almost 30 percent.
The biggest threats loom when facilities use consumer-based products, such as FaceTime or Zoom, to interact with patients and other staff members. In addition to developing more secure lines for communication, it’s also important that providers review vendor contracts, consider hiring cybersecurity firms for an extra protective layer, develop an incident response plan, and educate their staff on the dos and don’ts of telehealth.
Dark Web Concerns
When a patient’s data is breached, it could snowball into a variety of other scams. Say, for example, one of your patients gets a positive COVID-19 test. You document that information, and, later, someone outside of your network gains access to your facility’s patient records. In addition to seeing a positive coronavirus diagnosis, they now have access to that patient’s entire history — location, age, contact information, family members’ names, etc.
All of this information may be used as part of a cybercriminal’s well-thought-out plan. They’ll reach out to the patient and their family members, saying they have the cure for the virus and will ask for payment. It may sound ominous, but COVID-19 scams have skyrocketed since the spread of the virus. While older generations and those who aren’t as technologically-savvy are the usual victims of such abuse, scam artists have seen success with younger populations.
Similarly, many medical technology experts have discovered malware on specialized platforms that have allowed cybercriminals to steal and alter x-ray scans to mislead patients into believing that they had various health conditions. With so many creative angles for these attackers to take advantage of with the cyber shift, there has been an increased number of ransoms and complete manipulation of the integrity of telemedicine.
Healthcare leaders cannot be reactive to these risks. Proactivity will help prevent hackers from finding their way into patient information and stave off fraud and deceit attempts. Re-examine HIPAA’s telemedicine Privacy Rule guidelines if you haven’t already. Healthcare professionals often believe they’re compliant with these guidelines when, in reality, there are some protocols they’ve failed to enact. Authorized users should be the only individuals with access to your telehealth system. Still, staff members must also install the necessary software to help monitor all interactions and documentation that occur on your platform.
If your facility is taking significant measures to ensure telemedicine’s successful adoption into your services, it’s also important to extend these initiatives to patients and their families. Despite taking every precaution you can to mitigate risk, there are always dangers to digitization. Be transparent with patients and their loved ones about these risks. If you educate them just like you would educate your staff, you empower them to know what red flags to look out for.
As the healthcare industry continues to rely on telemedicine, and these virtual platforms continue to mature, patient care will become safer than ever before. But this isn’t just contingent on what happens within your facility, patients and families must be part of the process as well.