Many activities once done solely in-person have gone online. Brick-and-mortar stores gave way to e-commerce, and social media gave people a sense of connection without meeting in person. With the progression of technology and artificial intelligence, it seemed inevitable that the healthcare industry would be the next to follow suit. Promulgated by COVID-19, telemedicine has emerged as a necessary alternative to face-to-face consultations. The question frequently posed, however, is whether it is a sustainable option that will withstand the test of time.
Cybersecurity Issues & Why We Should Be Worried
As has been seen from Facebook and Twitter security breaches, any online transmission of information carries potential consequences. Notably, the healthcare industry has historically been a target of ransomware attacks and security breaches. Patient healthcare records contain personally identifiable information such as communication from doctors and billing information. This information, once in the hands of bad actors, often ends up for sale on the dark web. However, this is only one concern. Ransomware attacks and security breaches also have a potentially life-threatening effect. For instance, on one occasion, a U.S. ransomware attack caused a hospital to shut down, leading to a delay in treating patients. Bearing this in mind, the sustainability of telemedicine will require regulation and oversight concerning the security of stored and transmitted information across networks.
Security & Privacy Concerns – Who is Listening?
The Health Insurance Portability and Accountability Act (“HIPAA”) sets regulations for maintaining the security of electronically protected health information. Interestingly, under the general requirements for security standards, ensuring compliance by the workforce is mandatory. However, bring your own device (“BYOD“) policies may present an issue for maintaining proper compliance with HIPAA security standards. Proper organization policies delineating BYOD usage, along with mobile device applications inhibiting improper personal use, may help alleviate such concerns. Ultimately, ethics and enforcing workplace policies to maintain confidentiality on devices need to be prioritized.
The circumstances surrounding COVID-19 have led to relaxing HIPAA penalties for security violations made in good faith. Remote communication may only be conducted over “non-public facing” applications, such as Zoom, Facebook Messenger video chat, and Whatsapp. However, researchers have noted privacy concerns, such as outside observers attending the meeting or encryption issues , connected with such applications like Zoom. While the penalties and communication applications are less restrictive now, proper cybersecurity oversight concerning the use of certain mobile apps for telemedicine will be necessary for the future.
Without a doubt, telemedicine has stepped up as a necessary alternative amid a world crisis. Sydney Loy, a 3rd-year medical student at Texas Tech University Health Science Center, noted that “the free clinic here is using telemedicine to see patients because they aren’t able to see many in person now, so they wouldn’t have any other care if that wasn’t an option.” The U.S. has struggled to make healthcare more affordable and accessible to everyone. Telemedicine presents the opportunity for more people to access healthcare in the U.S., but privacy and security concerns will need to be addressed for future utilization.
Jezenya Renteria is a rising second-year law student at Wake Forest University School of Law. She received her Bachelor of Business Administration in Accounting from Texas Tech University. She is interested in health law and military justice.