Did you know that cyber-attacks are one of the fastest spreading crimes in the digital world? It is the third-largest “economy,” right behind the United States and China, costing $6 trillion in 2021. In the U.S., the most affected victims apart from the small businesses, individuals are healthcare facilities – yes, the healthcare!
Telehealth is one practice that exposes you as a potential target of cybercrimes. And in healthcare, each attack leads to HIPAA-compliance consequences beyond immediate monetary loss.
Accelerated Pace of Adoption of Telehealth Practices
In response to social distancing recommendations resulting from the COVID-19 pandemic, healthcare providers are rapidly deploying remote or virtual healthcare services to sustain care for their patients.
Telehealth approaches are new to the patient and the provider in many cases. The novelty factor notwithstanding, maintaining patient privacy remains essential. Below are some critical recommendations to maintain patient confidentiality and security in these challenging times. The following link contains recommendations from the Department of Health and Human Services: hhs.gov
Three Rules to Follow Prior to Initiating Telehealth Sessions
- Always use HIPAA-compliant applications to help reduce security and privacy risks.
- Share updated privacy and security practices with your patients, using different communications channels such as posting them on your website, or by phone or email when offering appointment reminders.
- Share some of the tips provided below with your patients to safeguard their health information during telehealth sessions.
Eight Points to Ponder During Telehealth Sessions
- Always use a private space and limit the number of people participating in a session. For providers, this means only permitting personnel directly involved in the patient’s care and individuals the patient permits to participate in the session.
- Any communication for setting and initiating the sessions should have short-lived codes that expire.
- If possible, set up communication channel that is private and effective to reduce the sessions initiation difficulties, the biggest cause of anxiety and frustration for both the provider team and the patient.
- Secure private room from which you are conducting telehealth sessions (e.g., close the door and post a sign outside the door, indicating unauthorized individuals should not enter while your session is underway).
- We recommend using headsets to avoid being overheard by others and position screens out of the line of sight of others.
- Enable all available encryption and privacy modes during telehealth sessions and notify patients to follow procedures to avoid these third-party applications causing privacy risks.
- Limit the information requested to what is necessary to treat the patient.
- Don’t forget to sign out of or close applications and turn off all microphones, cameras, and monitors once the telehealth session is complete.
A Few More Guidelines to Consider
- Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
A Short Checklist to Consider Prior to Initiating Telehealth Sessions
- Be aware of updated privacy and security practices from your healthcare provider.
- Contact your healthcare provider with any questions or concerns you have about the privacy and security of the information shared during your telehealth session.
Four Guidelines to Follow During Telehealth Sessions
- Pick a private location. Hold your telehealth session in a location away from others, such as a room with a door that you can close so that you can control who hears your conversation.
- Secure your device. Follow your healthcare provider’s instructions for securing the device that you use for your telehealth session. Log out of your telehealth session when you are done.
- Remove unnecessary items. Before beginning a conversation with your healthcare provider, make sure you remove items that are not needed to discuss your health concerns. Technology devices such as home security cameras, voice assistants, or other devices you are not using to contact your healthcare provider should be removed to make sure they do not capture potentially sensitive information.
- Control your background. Be aware of what will be displayed in the background during a video call and remove any personal information you do not want to share.