Healthcare Data Breaches Affect Providers of All Sizes. Within the last few years, there were major data breaches of large healthcare providers like Anthem, Premera Blue Cross, and Excellus BlueCross Blueshield. But it’s not only the major providers hackers may target. Smaller medical practices can be a target too, and as more of them adopt telehealth applications, it’s important they do not become easy targets for sophisticated hackers. It is therefore crucial to know what you must protech in your telehealth application.
Data breaches happen all the time, including these examples from the first half of 2018 alone:
- 500,000 patients’ data compromised in Baltimore-based LifeBridge Health breach
- 205,000 patient records exposed on misconfigured FTP server at Arkansas-based MedEvolve
- 280,000 Medicaid Patient Records Breached at Oklahoma State University Center for Health Sciences
- 3.7 million records breached at Arizona Banner Desert Medical Center
The 5 Areas to Secure in Your Telehealth Application:
- The content of the conversation itself– the video and audio should be secure enough that no one can listen in, either live or after the fact in a recording.
- Data Exchanged– Text chat messages, medical images and patient records all must be exchanged between telehealth users in the most secure fashion, making sure that hackers cannot gain access, and that patients can’t gain access to other patients information as well.
- Data Stored-Consider carefully what data should be permanently stored and what data should be eliminated after the conversation is over. All data must be stored securely, and aggregate data for analytics or systems or system logging should not contain patient identifying information.
- Payment Information– Just like any e-commerce application, if your application takes payments then it must be done securely.
- Administrative Access– Consider carefully the roles of any administrative access in the system. What can they access and why? How will you make sure that these administrative user accounts are protected and cannot be accessed by hackers? If an administrative account is breached, how will you mitigate the damage a hacker can do?
As you can see, proper telehealth security involves a lot more then protecting your password. You need a comprehensive strategy protecting the data itself on your servers, access to those servers, and the paper records of your practice.
Think a Telehealth Solution may be right for your healthcare business?
We have a telehealth platform that is already built and can be quickly white-labeled and licensed for your use. We have decades of experience with over 200,000 hours invested in building real-time applications. You can read a client testimonial here.
Contact us today. We’ll help you get your user-friendly, HIPAA-compliant app — up and running with both the provider and patient in mind.