Put Security and Privacy Front and Center for Virtual Care

Image credit: iStockphoto/Rawf8

Telehealth (virtual care) usage has skyrocketed during the pandemic. When you roll back the tape a few months, healthcare providers were able to (very quickly) stand up virtual care capabilities without having to go through the intensive HIPAA compliance protocols required in the healthcare industry. Some healthcare providers have been able to tap nontraditional technologies such as Apple’s FaceTime as a stopgap measure for virtual care.

The accelerated innovation in delivering virtual care to the population was and is a good thing, but when speed takes precedence over security, there will be inevitable challenges. In fact, virtual care platforms have been susceptible to cyberattacks, with evidence indicating attacks on such platforms increased by 30% this year.

Make no mistake: Virtual care is becoming a core component of patient care moving forward, but healthcare organizations (HCOs) need to prioritize security and privacy as:

  • Virtual care platforms are more connected and highly distributed than other healthcare technology systems, making them a prime target for attackers.
  • Weak patient authentication into healthcare networks and vulnerabilities found in the hardware and software used by providers have offered attackers more direct avenues to critical assets where protected health information could be stolen, or ransomware could be deployed.
  • The Office for Civil Rights will strengthen its enforcement of HIPAA requirements as the pandemic starts to get under control. Providers will scramble to implement new security protocols, and at worst, organizations will be looking for a new virtual care platform that is more robust. Security practitioners need to plan for these changes now to avoid being caught off guard.

HCOs Need To Play The Long Game For Virtual Care By Making Preparations Now

Long-term success for virtual care deployments hinges on balancing ease of use and security and privacy. Providers are already hampered by a significant administrative burden and diverging workflows. There are many steps HCOs can take now to achieve this balance.

For starters, security professionals must:

  • Evaluate their existing vendors’ abilities to scale, integrate, and resolve security issues quickly.
  • Look past the “cool” features vendors offer and ensure the core capabilities they actually use can be scaled to meet current and future needs while keeping patients’ data safe. There will always be time to implement additional “nice to have” functions once the foundation is secure.

The scalability of the technology and the vendor are just two of several factors healthcare providers will need to consider as they transition their virtual care deployments from the pandemic to a long-term viable care model.

The original Forrester article is here.  The authors include senior analysts Arielle Trzcinski and Christopher Sherman, analyst Alla Valente, and vice president and research director Daniel Hong. The article was written with senior research associate Benjamin Corey.

The views and opinions expressed in this article are those of the author and do not necessarily reflect those of CDOTrends. Image credit: iStockphoto/Rawf8