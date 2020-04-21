Loosening of HIPPA privacy laws and expansions of telehealth visit coverage has led to a surge in usage of the technology during the COVID-19 pandemic.
The temporary changes in policy and reimbursements serve a clear purpose – virtual visits help providers conserve resources and slow the spread of COVID-19 by limiting people coming in and out of facilities.
But all residents considering telehealth need to understand privacy risks prior to setting up a virtual appointment, which providers have a responsibility to help their patients navigate.
Starting in March, the U.S. Department of Health and Human Services Office of Civil Rights said it would not enforce HIPPA violations for good faith practice of telehealth services during the COVID-19 public health crisis.
The announcement meant that providers can use non-public facing platforms such as FaceTime, Google Handouts, Facebook Messenger or Skype to communicate with patients.
The Office of Civil Rights encourages providers to enable all encryption and privacy modes and notify patients that third-party applications introduce potential privacy risks, which all local health care providers should clearly explain.
The reality is that no provider has control over the possibility of data hosted or stored in a non-HIPAA compliant platform being used for unexpected or undesirable purposes.
If you use FaceTime to meet with your doctor, for instance, Apple is under no concrete obligation to ensure your data is kept secure on its servers.
“I think this could be a big concern because to some degree you are arguably relying on good intentions and faith from the data companies,” Matthew Fisher, a corporate health care and regulatory attorney, told the Advocate. “But there are no contractual or regulatory restrictions on how that data could be used.”
HIPPA-compliant platforms have proven that they are confidential and secure with regards to privacy, where as non-compliant platforms are not under any sort of contract or agreement demonstrating that they provide a secure means of communication.
If you are scheduling a telehealth visit, ask for a HIPAA-compliant telehealth platform and verify compliance to protect your privacy.
Just because you are familiar with a non-complaint platform also does not mean you should choose comfort over a HIPPA-compliant service.
Most providers already have implemented HIPPA-compliant platforms for telehealth visits, like UpDox, which allows patients to click on a link sent via text and have a visit via audio and video from a secure internet browser.
If you do not have a device sophisticated enough to utilize a HIPPA-compliant platform, then ask your provider what is the next most secure way to virtually meet.
While these difficult times have called for new measures that make telehealth easier, the importance of your medical privacy must not go understated or outweighed during the process.
Post a comment as
Report
Watch this discussion.
(0) comments
Welcome to the discussion.
Log In
Transparency. Your full name is required.
Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
PLEASE TURN OFF YOUR CAPS LOCK.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article. And receive photos, videos of what you see.
Don’t be a troll. Don’t be a troll. Don’t post inflammatory or off-topic messages, or personal attacks.