Banner

Article

The Value of HIPAA Compliance in Telehealth

Author(s):

In today's technology age, we want information when we want it. Which often means right now. And from tablets and smart phones, to smart watches and health monitoring devices, having that availability of information readily at our fingertips has become the norm.

In today’s technology age, we want information when we want it. Which often means right now. And from tablets and smart phones to smart watches and health monitoring devices, having that availability of information readily at our fingertips has become the norm.

“We all know the technology that’s in the palm of our hands is more powerful than what was on Apollo 13,” says Allan Ridings, senior risk manager and patient safety specialist for the Cooperative of American Physicians, Inc. “We have the stuff available.”

But how we use it, particularly for physicians making increasing use of telehealth and telemedicine, is key. That’s because, as with conventional medicine, a telehealth and video caregiver must uphold the same duties to safeguard a patient’s medical record and keep their treatments confidential.

Compliance across the board

The issues regarding privacy and confidentiality in the medical field, Ridings explains, are not necessarily any different in an electronic environment.

“Our understanding is that as long as you’re in compliance with the electronic standards of HIPAA, and you’re using an encrypted system, that’s fine,” Ridings says.

But ensuring you are compliant with HIPAA is not where a physician’s obligation ends. That’s because state medical boards may have different or more stringent regulations.

“I know that New York, Florida, and California do have stronger guidelines on patient privacy,” Ridings says.

It’s also critical that medical practices have a current, signed business associate agreement with any company they might be sharing data with, as well as a current, signed patient/provider agreement for telehealth and video. That’s important, because certain video services such as Skype have known issues with security and privacy.

“The thing we’ve addressed quite recently regarding [Skype] and others on the market like it is they won’t sign a business agreement with you,” Ridings says. “So, it opens your eyes. If they won’t sign the business agreement, why should you be doing this? Why publicly open yourself up to a breach?”

Ease patient concerns

In addition, fears about the reliability, the technology and the potential devastation of a loss of their protected health information can leave some patients distrustful of telehealth — especially among older patients.

“The millennials have no problem,” Ridings says. “It’s our seniors that are not even used to a computer yet, let alone doing something on a video chat line. There’s a lot of concerns about the senior population, and even younger than that. Patients are sometimes reluctant. They want to be able to touch and feel their caregiver in front of them.”

There are steps medical practices can take to allay patient concerns, including making education programs and materials available for patients. And beyond the age factor, Ridings says it’s also important to acknowledge and respect a possibility of cultural diversity, and watch for facial expressions, gestures and body language.

“If your gut instinct tells you to offer the patient a true face-to-face office visit, then go with your gut instinct,” Ridings says.

Clear benefits

Ridings says the benefits of telehealth are considerable. Patients tend to get quicker access, files are all documented and stored in a patient’s electronic medical record, and there are financial benefits to a practice as well.

“Medical practices could end up getting a lot more new patients because they are technology savvy,” Ridings explains. “They’ve embraced newer technologies, which the millennials and some of the seniors may say, ‘Hey, I don’t have to leave my house in the snow. I could even probably go to a pharmacy and use their chat system.”

But there are some drawbacks as well. In addition to potential breaches, practices could experience a loss of revenue because patients stop making office visits.

“It’s a give and take,” Ridings says. “You have to know what type of practice you are. If you’re pediatrics or OB/GYN, you’re not going to do a well baby check or an OB visit every two weeks with a pregnant woman over a video chat.”

Getting started

Ridings encourages physicians interested in telehealth consults to see what are currently available in their patient portal. Video may already be a part of the services their vendor is providing. If not, perhaps the vendor might consider adding it. And what would be the cost of adding that feature?

“Do some research,” Ridings says. “What type of cameras will you need? What type of resolution? Will it work on the same smart phone instruments already on the market? It’s going to cost somebody some money, whether it’s the patient buying a new instrument or the physician. But start with the patient portal to see if video is already included.”

Click here for a quick check of HIPAA privacy rules.

Related Videos
Victor J. Dzau, MD, gives expert advice
Victor J. Dzau, MD, gives expert advice