In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPAA) to help protect the use of patient information in electronic health record systems. Those same safeguards apply to data in the rapidly-evolving realm of telehealth.
While remote medicine has the potential to dramatically improve healthcare outcomes, it may also come with “significant privacy and security risks,” researchers find. For senior housing executives looking to implement telehealth, it is important to know where the potential stumbling points may lie.
Typically, the three biggest security concerns associated with telehealth solutions will involve: Devices, Data and Practices.
Telehealth carries the promise of medicine delivered virtually anywhere, anytime. This new care delivery model is made all the more possible thanks to the rise of affordable and extremely powerful mobile devices. Laptops, tablets and smartphones all may potentially play a role in delivering medical information, consultation and other resources.
At the same time, these devices represent a potential vulnerability. The recent loss of a pro football trainer’s laptop shows just how easily a misplaced mobile device can lead to health information getting into the wrong hands. In order to ensure that telehealth information remains secure even in a mobile environment, IT managers need to fully encrypt devices and make sure they enforce safe and consistent access control practices.
As telehealth continues to pick up steam – growing by an expected 18 percent a year through 2020 – these services will begin to generate vast quantities of data, which must be safeguarded throughout the enterprise. A patient may send a photo to a practitioner during an online consultation, or a wearable monitor many gather and store vital health information. There may be archives of video consultations, or electronic records of patient activity or provider input.
All of this data represents a potential security hazard. Senior housing operators who choose to participate in telehealth must be aware that they now have in their hands a significant block of digital information that requires thoughtful handling. As with any other form of sensitive business data, there are many ways to ensure telehealth information is secure. This begins with securing the database, the network, or the applications themselves.
The single greatest threat in securing telehealth may lie not in the details of any one network configuration or choice of application, but rather in the people who operate the systems. For telehealth to be secure, business practices surrounding its use must be secure.
Everyone who engages with the system, from physicians to caregivers to seniors and their family members, must be aware of the standards and practices around telehealth. While they may not need to understand data encryption, residents should know what a strong password looks like. And while physicians may not need networking expertise, they should understand that having an unauthorized person standing in the room during a video consultation represents a potential digital security breach.
Telehealth promises to bring a high level of care to the table, making medicine more accessible to seniors and enabling housing operators to play an ever more active role in the care continuum. At the same time, this new opportunity comes with the potential for risk: Data shared is data exposed. For senior housing operators, careful attention to the devices, the data and the practices they employ in telehealth can help to ensure a successful and safe implementation.