Is Your Personal Health Information Safe Over Telehealth Platforms?

Posted: April 21, 2020

Last Update: March 14, 2022

Categories: Healthcare, HIPAA Compliance, Technology, Insights For CIOs & IT Directors , Business, Hospitals, Security

The COVID-19 pandemic has pushed many healthcare providers to augment their physical clinics with telehealth options for their patients. Telehealth may be transforming into an important healthcare sector itself and the need to establish strict, comprehensive and applicable guidelines is now even more vital for the healthcare industry.

Is Your Personal Health Information Safe Over Telehealth Platforms

Photo Attribution: Tang Yan Song/Shutterstock.com

OCR Waives HIPAA

At this time, the Office for Civil Rights (OCR) is allowing healthcare providers, even some pharmacies, to bypass Health Insurance Portability and Accountability Act (HIPAA) guidelines when practicing patient care using telehealth. Due to the urgent need to provide healthcare oversight agencies and government agencies patient data for evaluation and eradication of the coronavirus pandemic, clinics and hospitals are able to overlook HIPAA guidelines at their discretion. Therefore, the OCR is allowing medical and business associates to complete patient care without the risk of being penalized under HIPAA rules.

While many social media platforms, such as Facebook, TikTok or Twitch are not allowed under the remission, doctors and nurses can use Zoom, Skype, Microsoft Teams, and Google Hangouts to communicate with their patients. This permit, although unavoidable during a pandemic, identifies a huge gap in quality assurance to protect patient privacy against cybercriminals and a lack of control over the data sharing contracts with the individual platforms.

Consequences of Inadequate Guidelines

The lack of cybersecurity guidelines in telehealth allows for cybercriminals to continue targeting small clinics and healthcare businesses. This creates a growing concern about failure in regulating telehealth to protect patient data. Healthcare providers are leaving themselves exposed for lawsuits, despite the easing of HIPAA guidelines. It is now the prerogative of the individual healthcare businesses to ensure they are employing secured networks when communicating with their patients.

Since medical care is also a state-by-state issue, the insufficient regulations can subject patient care practices to licensing and state policy disputes. Mississippi has already witnessed the effects of this pitfall. In March, the Board of Medical Licensure in Mississippi issued a policy that allowed out-of-state doctors to use telehealth to treat in-state patients without board licensing. However, very soon, they received about 1200 applications from doctors outside of Mississippi looking to do business within the state. The Board hurriedly issued an Amended Proclamation that limited out-of-state doctors to only practice telehealth with patients they have previously treated. Another potential issue that may arise is the fact that not all states operate under the same health codes and laws. Clinics from different states may not be fully aware of each state's policies.

Despite the crucial need and urgency of telehealth and its application, the corresponding obligation to create standardized rules and guidelines to control telehealth practices is just as pertinent. It is quickly becoming accepted that telehealth is the future of healthcare, even after the pandemic is over. This transformation makes it an absolute necessity for proper regulatory infrastructures to be established in the telehealth sector.

How can Giva help?

Founded in 1999, Giva was among the first to provide a suite of HIPAA compliant help desk and customer service/call center applications architected for the cloud.

While exponentially scaling, how can telehealth and telemedicine providers assist patients using their platforms? Patients and healthcare providers may encounter technical problems with videoconferencing, appointment setting, insurance eligibility, billing and e-prescribing. Also, rapid and successful patient on-boarding may require non-medical personnel working with patients.

Giva has a strong focus on telehealth and we can help you get up and running on a Patient and Healthcare Provider Service Center Portal to increase satisfaction, speed issue resolution and decrease costs.