It’s Time To Put Security And Privacy Front And Center For Virtual Care
(Written with Benjamin Corey, senior research associate at Forrester)
Telehealth (virtual care) usage has skyrocketed during the pandemic. When you roll back the tape a few months, healthcare providers were able to (very quickly) stand up virtual care capabilities without having to go through the intensive HIPAA compliance protocols required in the healthcare industry. Some healthcare providers have been able to tap nontraditional technologies such as Apple’s FaceTime as a stopgap measure for virtual care. The accelerated innovation in delivering virtual care to the population was and is a good thing, but when speed takes precedence over security, there will be inevitable challenges. In fact, virtual care platforms have been susceptible to cyberattacks, with evidence indicating attacks on such platforms increased by 30% this year.
Make no mistake: Virtual care is becoming a core component of patient care moving forward, but healthcare organizations (HCOs) need to prioritize security and privacy as:
- Virtual care platforms are more connected and highly distributed than other healthcare technology systems, which make them a prime target for attackers.
- Weak patient authentication into healthcare networks and vulnerabilities found in the hardware and software used by providers have offered attackers more direct avenues to critical assets where protected health information could be stolen or ransomware could be deployed.
- The Office for Civil Rights will strengthen its enforcement of HIPAA requirements as the pandemic starts to get under control. Providers will scramble to implement new security protocols, and at worst, organizations will be looking for a new virtual care platform that is more robust. Security practitioners need to plan for these changes now to avoid being caught off guard.
HCOs Need To Play The Long Game For Virtual Care By Making Preparations Now
Long-term success for virtual care deployments hinges on balancing ease of use and security and privacy. Providers are already hampered by a significant administrative burden and diverging workflows. There are many steps HCOs can take now to achieve this balance.
For starters, security professionals must:
- Evaluate their existing vendors’ abilities to scale, integrate, and resolve security issues quickly.
- Look past the “cool” features vendors offer and ensure the core capabilities they actually use can be scaled to meet current and future needs while keeping patients’ data safe. There will always be time to implement additional “nice to have” functions once the foundation is secure.
Scalability of the technology and of the vendor are just two of several factors healthcare providers will need to consider as they transition their virtual care deployments from the pandemic to a long-term viable care model. For more information on securing your virtual care platform, you can refer to Forrester’s latest research in this space, “The Top 10 Security And Privacy Recommendations For Virtual Care Deployments.”
Have more questions? Schedule time to connect via inquiry here.