Telehealth services are becoming more common to help deter the spread of COVID-19. However, as with other internet activity, there are security threats to patients' sensitive details and private data. How can patients and doctors maintain the confidentiality of each other's information?
“Telehealth was trending upward before the pandemic, and there were already privacy and security concerns,” according to Stephen Hyduchak, CEO of Aver, an identity-verification service. “But those are heightened now as people want the immediacy of care and are ready to accept the exchange of privacy to receive that.”
“Medical data is some of the most sensitive information out there. HIPAA and other regulations have long been in place, well before more general privacy laws were instituted. Now, needing to share more of your medical history with the telehealth doctors makes the entire communication more vulnerable in a variety of ways. The application could get hacked. Also, IT infrastructure and cybersecurity often aren’t up to speed at hospitals.”
How can I protect my data when using TeleHealth?
When using telehealth systems, Hyduchak recommends following these security precautions:
Double-check before downloading the app
“Your healthcare provider may have a preferred app that you can download from its website,” Hyduchak shares. “That’s the safest route. Your company may offer this service, and if so, check with human resources to make sure the information is correct before downloading. Otherwise, use a reputable online store to download the app.”
You should avoid downloading generic “Doctor’s Office” or “Medical Appointment” apps that promise visits with doctors located anywhere in the country. These lead to doctors without adequate credentials in your area or scammers who are simply out to make a quick buck offering bogus advice. Stick with your primary care provider or a trusted local provider who you can follow up with in person, if needed.
Consider online app reviews and recommendations from your network
"Reputable review sites can give you an objective look at apps and telemed services out there, but many reviews focus on capability, speed and convenience, so you may have to dig a little deeper regarding security,” Hyduchak said. “That’s where your personal network comes in. Query people you know who are using the app you’re considering. And if the app is relatively unknown, you don’t want to be one of the first to use it.”
Beware of phishing, social engineering of telemedicine
“The basic rule for most cybersecurity measures very much applies: Always verify a link or attachment before opening it,” Hyduchak said. “There are coronavirus-based phishing campaigns by hackers. Their aim is to get you to click onto a malicious telehealth link.”
You should always use a browser protection tool to identify and block malicious websites and those containing scams. This holds especially true when using a website, company, or service that you haven’t used before. Scammers prey on those who aren’t knowledgeable enough about a service to realize when something doesn’t add up.
Learn how the service uses your data
“Look for telemedicine providers that explain their use of data that you share, usually doing this in writing with a code of conduct,” Hyduchak said. “You have to make sure the telehealth service is reputable and that it’s following all HIPPA rules. Also, only disclose relevant information that is absolutely essential.
“With telehealth services, a patient can see a doctor in isolation from their smart devices, so it’s a close to ideal platform during an outbreak like this, but having awareness of and using security measures is essential because the stakes are higher.”