Tag Archives: telemedicine

What Clinicians Need to Know About Mounting Healthcare Cyberattacks

Alongside the increase in telemedicine use there has been a corresponding rise in ransomware attacks and other cybercriminal activity directly targeting healthcare organizations. In October 2020, the FBI and U.S. Department of Health and Human Services issued an alert regarding hackers which are increasingly using “RYUK” ransomware to target hospital systems during the second wave of the COVID-19 pandemic. The costs of such attacks can be very high; the agencies estimate that ransomware attacks have been responsible for loses of at least $61 million in the United States between 2018 and 2019.

With the increase in cybercrime there has been an increase in ransomware attacks specifically, with over 20 medical facilities recently affected. Since 2016, ransomware attacks have cost the U.S. healthcare system a minimum of $160 million, according to research by Comparitech. In September of this year, University Health Services which encompass over 400 facilities across the United States and United Kingdom experienced a “RYUK” attack which forced them to take 250 facilities offline. No patients were harmed; however, employee communications were severely hampered.

Continue reading

Please follow and like us:

Humanizing Virtual Care for Patient Satisfaction

Although only 8% of American patients had previously attended a telehealth visit before the pandemic, up to 83% expect to continue telehealth visits even after the pandemic subsides. In 2019, only 28% of physicians reported using telehealth technologies. Now, virtual consultations and online visits are beginning to replace the traditional model of in-office appointments.

Growing Demand, Declining Patient Satisfaction

While some healthcare professionals have expressed concern about the impact of telehealth on patient-provider relationships, arguing that digital care will be hinderance to personal connections, the past few months have revealed that virtual visits can effectively support and even deepen relations with patients. However, the effective delivery of online care requires strategic efforts that go beyond traditional patient-provider interactions.

Although patient demand and desire for digital visits continues to rise, overall patient satisfaction with such services is reportedly decreasing. “As patients become more engaged, informed, and involved with their health care decisions, and demand better access to care, virtual health solutions will play an important role in meeting expectations,” a recent report by Deloitte highlights. Virtual healthcare needs to continue efforts aimed at humanizing online care by extending the patient-centered care delivery model.

Humanizing Virtual Care

There are several ways to connect with patients virtually, all of which work to strengthen the patient-provider relationship. Some, such as automated messaging services, can even help lessen clinician workload by handling mundane administrative tasks while continuing to foster the patient-provider connection. Primarily, healthcare professionals need to prioritize using technological solutions to their advantage and as communication tools to develop a consistent relationship with patients.

Life-Centric Care:

The ubiquity of technology in our lives, ranging from smartphones to smart watches, allows for continuous tracking, monitoring, and communication. Focusing on embedding virtual healthcare into a patient’s digital life, providers can leverage the technology and tools they use on a daily basis to foster patient engagement. This can include utilizing data and content sharing applications to create personalized, high-quality interactions, sending reminders, and other communications that emphasize a life-centric care model.

Two-Way Texting:

As a decreasing proportion of the population now accepts incoming phone calls and many do not even check their voicemail, text messaging has become the preferred method of communication; up to 47% of patients express wanting to be able to text back and forth with their healthcare provider. With quick, efficient communications, two-way texting is an important step toward humanizing the virtual relationship.

Educational Communications:

Regularly sharing educational content, such as newsletters, blogs, and emails, can reinforce the feeling that providers care about their patients’ health. During the pandemic in particular, it is important to consistently communicate with patients by sending targeted educational information – to at-risk individuals especially – that provide individualized recommendations for staying healthy.

Automated Post-Visit Calls or Emails:

The majority of patients fail to remember all of the details of recommendations and treatment instructions provided during visits. Here, the use of automated messaging – including phone calls, voicemails, texts, and emails – can help remind patients of post-appointment care instructions. Such reminders will also improve treatment adherence while reinforcing the message that providers care about patients and their health.

Appointment and Billing Reminders:

Another facet of care can easily be automated using messaging systems; sending patients automated reminders of upcoming appointments and overdue bills can be used to increase touch points, triggering name recognition as well as remembrance. Patients will likely recognize and appreciate these efforts to simplify their lives, benefiting the overall relationship they have with their medical practice as convenience is increasingly valued.

The modern medical practice can leverage this ongoing shift toward digital care, taking advantage of the many virtual opportunities for connection and communication with their patients. While in-person interactions may be limited at this time, patient-provider relationships need not  fall to the wayside. With a healthcare industry primed for expanding adoption of telehealth, virtual health will increasingly become a part of consumers’ daily routines. If clinicians commit to telemedicine at a personal and organizational level, they can take advantage of the growing opportunities to deliver connected, coordinated, and comprehensive care.

Please follow and like us:

Telehealth IT Security: What Clinicians Need to Know & Tips to Keep Your Practice Secure

While the surge in online medicine has increased accessibility, allowed greater flexibility, and helped medical practices remain operational at this time, the rapid expansion of telemedicine presents its own set of risks. Data privacy, online patient safety concerns, and other cybersecurity threats are on the rise, as the pandemic has many emerging telemedicine solutions entering the market before proper vetting and without proven safety records.

As new technologies are introduced to meet increasing patient demand and a growing number of medical professionals switch to digital care delivery, protecting online patient data and ensuring compliance with federal regulations are paramount. Telemedicine has been shrouded in security and privacy concerns since its inception, with several large-scale, high-profile data breaches threatening to diminish patients’ and providers’ willingness to trust emerging solutions. In addition, more patients are now readily exchanging their privacy online for the benefit of immediate care and to avoid the public healthcare setting due to virus-related fears.

“Telehealth was trending upward before the pandemic, and there were already privacy and security concerns,” Dr. Stephen Hyduchak, CEO of the identity-verification service Aver, told Managed Healthcare Executive “But those are heightened now as people want the immediacy of care and are ready to accept the exchange of privacy to receive that.”

Data Privacy and Regulations 

To ease the implementation of telehealth solutions, federal regulations have lessened the enforcement of HIPAA restrictions throughout the pandemic to ensure patients can access the care they need while curbing the spread of COVID-19. Practitioners are now able to utilize popular telecommunications services, such as Zoom and Skype, which allow for easy patient-provider communication but present potential data privacy concerns.

In recent weeks, a growing number of hacker attacks have been reported on Zoom domains and other similar platforms used in telemedicine, underscoring possible threats associated with these popular services. There has also been an increase in COVID-19 fraud schemes and supply chain attacks as cyber criminals take advantage of increased online activity.

Telehealth IT Security Best Practices 

Threats to IT security in the clinical setting can range from phishing attacks and ransomware to loss of equipment and accidental data loss. While the risks depend on the type of service being provided, virtually all telehealth interactions are susceptible to cybersecurity breaches.

The increased cybersecurity risks affecting digital health services result from expanded lists of users accessing networks and software from different locations as well as a surge in untested solutions brought to market – all of which exacerbate online security, data privacy, and regulation compliance threats.

Healthcare professionals and organizations must remain aware of and alert to the multitude of cybersecurity concerns threatening their online practice; following some of the telehealth IT security best practices below can help practitioners better protect themselves and their patients.

Invest in Cybersecurity Insurance

Prior to adopting a telemedicine practice, healthcare providers should consult their malpractice insurance company to ensure digital services are covered by their current policy. It may be a good idea to purchase cyber protection insurance along with the standard business insurance package to help cover any potential repercussions associated with a data breach. These can include the costs of forensics, notification and call center costs, credit monitoring fees, as well as public relations and legal fees. Purchasing an effective cybersecurity policy can also help prevent data breaches as they provide protective software, employee training, and IT security support.

Ensure VPN Security

While establishing a telehealth practice, it is essential practitioners use virtual private networks (VPNs) as part of their protected communications while connecting remotely to enterprise networks. The use of these networks can help ensure sensitive data is encrypted and passes through appropriate corporate channels before being disseminated through internet-hosted software. Per recent data reported by Health IT Security, the use of VPNs has surged by 124% in the past several weeks alone leading to growing concerns over network safety.

Healthcare professionals and organizations must ensure their VPN software is functioning and up to date and to mitigate any potential system vulnerabilities in order to protect sensitive patient information.

Encrypt Mobile Devices

With lessened restrictions, practitioners can access protected health information and telemedical technologies from their personal devices allowing them to deliver virtual care easily and effectively. However, the use of non-corporate devices carries several potential cybersecurity risks and providers are urged to employ appropriate device management strategies to offer secure medical services. These include segregating personal devices and applications from healthcare applications and data – a solution that can significantly reduce the risk of data leaks – as well as encrypting all devices.

Lost or stolen devices – mobile phones, desktop computers, laptops, and USB drives – are the leading cause of data breaches. While HIPAA regulations provide some protection for the loss or theft of encrypted data, the vast majority of electronic breaches result from unauthorized access to unsecured devices. Medical practices and providers are urged to ensure that all mobile devices, software, communication systems, and stored data are encrypted and that telemedicine security policies are followed by all employees.

Establish Telehealth Guidelines

Telehealth cybersecurity guidelines are essential to protecting against potential breaches as employee access is one of the most challenging risk factors to manage. A recent IBM study reported that nearly 95% of all data breaches resulted from employee error – including the loss or theft of devices, accidental sharing of information with incorrect recipients, sending sensitive patient data in unencrypted formats, or falling victim to ransomware attacks.

Establishing and training staff on effective telehealth practice guidelines is necessary to ensure optimal cybersecurity at this time; all staff members should be aware of practice policies regarding online care, HIPAA compliance requirements, data handling procedures, and personal health information protection strategies.

Use Reputable Software

The sudden popularity of telehealth services has prompted the introduction of novel software technologies, many of which have yet to be adequately tested. Healthcare providers should only download applications from reputable sources and utilize only those which are approved and deemed safe. Organizations may already have telemedicine systems in place, however, practitioners are encouraged to double-check with their human resources department before connecting to new platforms.

Understand How Platforms Manage Data 

Having a robust understanding of the data collection, storage, management, and destruction practices of your chosen telehealth platform is essential to ensuring compliance with regulations and patient data safety. The majority of reputable providers should feature codes of conduct and explicit information regarding their data use policies and HIPAA compliance.

“Look for telemedicine providers that explain their use of data that you share, usually doing this in writing with a code of conduct,” Dr. Hyudchak added. “You have to make sure the telehealth service is reputable and that it’s following all HIPPA rules. Also, only disclose relevant information that is absolutely essential.”

Protect Against Unauthorized Access

The use of identity authentication systems is a critical tool for online safety. To protect against unauthorized access to sensitive data, many healthcare organizations use multi-factor authentication which is reported to block up to 99.9% of all automated cyberattacks. This strategy allows users to log in only after they present two or more pieces of evidence confirming their identity, thereby significantly decreasing the risks of breaches.

A common method hackers use to obtain access to protected health information is by capturing or guessing passwords. This threat can be reduced via identity authentication and the use of strong passwords that are frequently changed to prevent against password theft. Systems should lock users out of their accounts after three failed attempts and limit user access to sensitive databases.

While telehealth is a necessary and beneficial solution during the COVID-19 crisis and beyond, its growing use can jeopardize the safety of sensitive patient data and their privacy. As the majority of non-emergency patient-provider encounters are now occurring in the digital space, cybersecurity threats have reached an all-time high. Many emerging technologies are still new to most users yet cyber criminals have already begun to exploit vulnerabilities in networks and software, leveraging the widespread expansion of telemedicine as a platform for attack. The number of telehealth interactions will continue to increase as the COVID-19 pandemic reshapes the healthcare system, prompting the need for medical professionals and organizations to prioritize personal and patient cybersecurity.

Please follow and like us: