Telehealth and Cybersecurity: What You Should Know
Topic: Telehealth and Cybersecurity: What You Should Know
Healthcare providers are seeing between 50 and 175 times (1) more patients via telehealth than before. Telehealth platforms* offer solutions for a wide array of different healthcare issues. An estimated 20 percent of all emergency room visits and 24 percent of routine office visits and outpatient volume could be delivered virtually via telehealth.
Telehealth is a win-win for providers and patients. It both increases the availability of care while also reducing costs. However, telemedicine does have intrinsic privacy and security risks that all providers must minimize to protect sensitive patient data.
Providers have been eager to adapt to this care delivery method, but many platforms do not meet HIPAA requirements and lack adequate data safeguards. The same connectivity that makes telehealth possible also creates threats to patients. Protecting patient health information (PHI) and providing remote services doesn’t fit together easily.
Any data transferred over the internet runs the risk of interception by threat actors, and healthcare has long been a preferred target for cybercriminals. In 2019, healthcare data breaches cost the industry over $4 billion (2).
This year is no exception with a further increase in ransomware (3) and other attacks that put millions of patients’ records in danger of exposure. These types of events have all happened within typically well-fortified hospital networks.
Connecting with patients via telehealth and transmitting biometric data via remote care devices only furthers these dangers. The biggest risk is that patients lack control of the collection, usage and sharing of their PHI.
For instance, remote monitoring devices built with sensors to detect falls may collect information on other activities patients wish to be kept private—including that their home is unoccupied at certain times and the types of activity they participate in. Even with security measures, any transfer does have a potential for a breach
Topic Discussed: Telehealth and Cybersecurity: What You Should Know