Doctor-Patient Confidentiality and Privacy in Telehealth
Telehealth includes using telecommunications technology to prevent and cure illness and to improve individuals’ and communities’ health. Although telemedicine has specific benefits for rural and underserved communities, it is increasingly recognized for its ability to reduce costs by offering real-time resources for encouraging wellbeing, preventing disease, and allowing chronic conditions to be treated at home.
Telehealth also includes the bidirectional, remote collection and exchange of confidential health information between health care providers and patients. For a medical device to qualify as a telehealth device, the device’s health information needs to be shared over a network. For example, when a glucose monitor sends readings over an internet network to a provider or a provider’s information system, it becomes a telehealth tool. Similarly, some standard networking systems, such as videoconferencing, are also used to share information on health care and thereby become telehealth devices in those environments. In addition to hardware, telehealth tools include mobile phone applications (apps).
Telemedicine is becoming increasingly popular in many countries around the world. It has many advantages, such as cost savings and greater access to health care in rural areas in many parts of the globe, but it still has certain drawbacks. One of the main issues is the rights and confidentiality of patients while using telemedicine. There are no formal telemedicine protocols and procedures yet in effect. Many patients and practitioners are unaware of the quality of practice and how confidentiality should be protected. The patient is uncertain as to how to protect her/his rights in the use of telemedicine. It is also unclear, for purposes of litigation, where the physician is practicing when he/she uses telemedicine. Is she/he practicing in the country where the patient is, or is the physician practicing in the country of her/his origin?
However, to realize the full potential of telehealth, patients and providers have to rely on telehealth services to keep personal information private and secure. Through a detailed regulatory structure developed and implemented by the Federal Trade Commission (FTC), we examine the privacy and security risks of telehealth systems, outline the degree to which technological restrictions and current federal laws address these risks, and provide suggestions for building and sustaining public interest in telehealth systems.
Patients usually consent to an implanted device, an embedded sensor, or the use of a safety app. However, overreliance on consent leads to inadequate privacy protection. Patients often do not read or completely understand privacy policies, and consent transfers the privacy responsibility to the patient, who may not be in a position to make meaningful privacy choices.
For a conventional telehealth system where a provider interacts with a patient, related risks include violation of confidentiality during the collection of sensitive data or transmission to the provider’s network; unauthorized access to supporting computer features as well as data stored on it; and untrusted software and hardware delivery to the patient. While we are unaware of the direct harm to patients in a telehealth network associated with a security flaw, empirical examples of these problems have been discovered. Some insulin pumps, for example, have been found vulnerable to hacking. There have also been cases where unauthorized software, such as file-sharing software installed by a health care worker, has resulted in a misuse of patient information and theft of medical identification.
A telemedicine consultation requires exchanging patient information; thus, it must be done in such a way that the privacy and safety of that information are protected. Privately gathering the information means conducting the consultation in such a way that no one else who is not supposed to be part of the consultation can see the report or hear the conversation. Sending the information safely ensures that only those who are engaging directly in the patient’s treatment will have the ability to access it. It is during this process that privacy measures, including the correct application of automatic redaction software, come into play.
Aspects of privacy are usually controlled by monitoring the environment in which the consultation is conducted. The security aspects are technological, and vendors are usually in charge of them. HISO Standard 10029 defines the problems to be addressed in the Health Information Security Setting. The Connected Health Network was developed as a forum for safe health sharing. This includes vendors being accredited and certified. The considerations in this may be extended to similar forms of related video conferencing solutions on the network.
Telehealth services pose threats to the privacy and protection of information about patients’ health. Privacy threats include a lack of control over data collection, usage, and sharing. For example, household telehealth devices and sensors designed for detecting falls may capture and distribute information about household behaviors that a patient prefers to keep private, such as substance use or that the house is unoccupied at a particular time.
Smartphone apps may share sensitive data, such as location sensor data, with advertisers and other third parties in ways not expected by the users. The primary security risk is that of unauthorized data access during processing, transmission, or storage. Any transfer or exchange has the risk of breaching security.
HIPAA Privacy and Security regulations offer safeguards for identifiable health information, but only when it is obtained and exchanged by “protected entities” — health care services who bill electronically using HIPAA standards, health plans, and health care clearinghouses. Where applicable, HIPAA’s Privacy Rule sets restrictions on the use and disclosure of identifiable health information, and its Protection Rule provides for the implementation of technological, physical, and administrative protections to secure electronically identifiable health information. For example, redaction of data at rest and in transit is an “addressable implementation specification” under the Security Rule, meaning that HIPAA-covered entities are expected to implement it unless it is not “reasonable and appropriate” to do so. Additionally, the regulation specifies that providers are expected to follow policies on identity protection and access controls.
In the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, Congress expanded HIPAA to “business associates,” organizations that “develop, obtain, preserve or distribute” identifiable health information to perform a task or service “on behalf of” a protected entity.
Other Federal Protections
Given the restricted applicability of HIPAA to patient-facing telehealth services, its protections do not extend to knowledge obtained from most of the digital tools that patients receive. Additional federal laws provide some protection, however.
Where a telehealth system acts as a medical device, it may also be regulated by the Food and Drug Administration (FDA). The FDA does not tackle privacy concerns explicitly but focuses on protection insofar as it affects the safety of medical devices. In June 2013, the FDA released a draft guidance document on ‘Managing Cybersecurity in Medical Devices,’ urging manufacturers to establish security controls to protect ‘Confidentiality, Integrity and Accessibility’ of information. The FDA finalized guidelines on wireless radio-frequency technology in medical devices in August 2013.
The FDA is creating a federal standard for telehealth safety through these guidance documents, but the authority of the FDA has limits. The FDA regulates only products that it considers to be medical devices and focuses exclusively on protections designed to guarantee health. It does not concentrate on privacy protections that implement guidelines or regulations for the collection, use, and disclosure of potentially sensitive information regarding health.
HIPAA Compliant Telehealth
There are several options for healthcare professionals who would like to provide patients with a HIPAA-compliant telehealth service easily and affordably. For example, if they choose to use the HIPAA-compliant CaseGuard Automatic Redaction, the physicians can guarantee each patient their privacy by redacting any information or records that might be used to personally identify the patient during transmission or storage of media files.
To safeguard patients and foster public interest, a robust and transparent technology structure is required to guarantee the privacy and protection of information obtained or exchanged through telehealth technologies. Additionally, there should be a fair and stable federal policy with provisions that are compatible with HIPAA, but they should also adapt to risks to privacy and security that are more typical of patient- and consumer-facing technologies. Specifically, the policy should tackle issues such as security vulnerabilities and the lack of customer access to their details. These policies should be adapted to resolve the specific threats to telehealth listed here. The policies would cover the collection, use, and disclosure of data, both for the intended purpose of the technology and for any secondary usage of data, such as analytics.
Concerns regarding the privacy and protection of telehealth systems will adversely affect the trust of people in telehealth and undermine the ability of these systems to enhance health care efficiency, quality, and effectiveness. More stringent standards and regulations may be required not only for telehealth but also for all electronic user information to ensure effective privacy and security protections. But many people, especially those who are chronically ill, think the advantages of using telehealth systems outweigh the risks. Doctors can contribute to telehealth’s success by adhering to patient-centered treatment plans that use telehealth resources efficiently and ensuring that they are mindful of possible privacy and security risks.