The use of telemedicine technology is growing at an astounding rate. Telemedicine, which makes medical care more accessible to more people, offers important benefits for practitioners and their patients. Of course, it does come with some risks that all physicians must know about, including a number of HIPAA compliance issues.
Health law attorneys suggest that practices utilizing this technology must understand the challenges it presents concerning practice security and patient privacy.
Medical Identity Theft
Like regular identity theft, medical identity theft which is the illegal use of someone else’s medical information has increased dramatically over recent years with the rise of telehealth services. While it is much easier to prevent identity theft in person by confirming identity with insurance cards and driver licenses, this becomes a bigger challenge when dealing with remote patients.
Health law attorneys recognize this as a significant issue for practices that make use of telemedicine, as there needs to be some way to positively identify the patient. Although the AMA does state that practitioners must verify patient identity, there is very little actual guidance about best practices in this area. This may create HIPAA compliance issues for those who do not use proper caution when identifying patients seen remotely.
In addition to the concern over medical identity theft, protection of patient privacy is the second major security issue encountered when providing telehealth services. Since telemedicine involves the transmission of sensitive and personal information wirelessly, patients and providers face the same risks as companies dealing with financial information.
A secure, encrypted internet connection is essential to maintain that privacy. Anyone attending telehealth appointments through an unprotected connection is at risk, a problem that health law attorneys stress could leave providers dealing with HIPAA compliance issues.
To maintain a secure connection and preserve patient privacy, all providers must use applications that offer the highest levels of end-to-end encryption. Telehealth services should also encourage patients to only access these services from a private location with a secure internet connection and stress other internet safety basics like not sharing passwords and how to positively identify actual communications from providers.
Increased Data Handling Requirements
Practices participating in telehealth services must also contend with the additional amount of electronic data they will be compiling. Telemedicine visits may collect everything from initial electronic patient records to photos and videos sent from the patient - even full recordings of entire visits. There is the added concern that these records may normally transfer from the physician’s device to a number of additional devices including office staff, third party transcribers, and billers, ending up with a third party storage service provider. Appropriate methods to erase these records from all devices once they are stored must be implemented.
There is no doubt that telemedicine offers many advantages for both patients and doctors. This form of communication gives doctors the ability to help more people, regardless of their location. What cannot be overlooked is how telehealth services increase the responsibility of each practice to maintain patient security and privacy. Health law attorneys find that telemedicine services must be appropriately handled to avoid HIPAA compliance issues.
The Stevenson Law Firm, PC
6302 W. Broadway, Suite 120
Pearland, TX 77581
Phone: (832) 481-4548