Hackers abound on the internet, and they don’t just want your credit card numbers. Hackers proﬁt directly from stealing bank or credit card information. However, with healthcare or other personal data, they proﬁt by selling that data on the “dark web” to other hackers who may use that personal information as part of identity theft operations.
Healthcare data breaches are a major concern for privacy and ﬁnancial reasons, to both the patient and to the healthcare providers, of both large and small practices.
WebRTC has a few inherent architectural advantages that make it easier to build a secure telehealth video application:
1. Peer to Peer (P2P) – After the Peer Connection has been established, all video, audio, and data traffic over WebRTC are sent directly from one peer to the other(s). This means that there is no intermediary server in which the conversation can be hacked. This is inherently more secure than any application that uses a media server in the middle. Although you can still build a secure application with a media server in the middle, it means you have a central point where conversations could potentially be listened to by a hacker. Any P2P WebRTC call cannot be listened to by a third party.
2. Encrypted – WebRTC encrypts all data while it’s in transit. This means even if someone is watching your network traffic, they will not be able to decrypt the video or audio being sent between two peers and listen in to your conversation.
3. Data Channel – In addition to video and audio, WebRTC also offers a Data Channel layer with the same Peer-to-Peer Encryption. This means your application can use the Data Channel to securely send files or medical data between two peers without fear of someone being able to intercept that data.
Be careful! WebRTC by itself does NOT make your application secure!
Although WebRTC offers inherent security advantages, you still need to secure everything else about the application.
If hackers can compromise your login system, for example, then they can fraudulently setup calls or data exchanges on your system. Likewise, if your database servers are not secure and have unencrypted patient data, then your system can be hacked and a serious data breach can occur. Secure WebRTC-based video is great, but not very valuable if the rest of your system around it is not secure.
Later this week, we will discuss the 5 areas you need to secure in your telehealth video application.
Think a Telehealth Solution may be right for your healthcare business?
We have a telehealth platform that is already built and can be quickly white-labeled and licensed for your use. We have decades of experience with over 200,000 hours invested in building real-time applications. You can read a client testimonial here.
Contact us today. We’ll help you get your user-friendly, HIPAA-compliant app — up and running with both the provider and patient in mind.