By Blaise Wabo, associate director, A-LIGN.
As technology continues to improve, using virtual connections in place of face-to-face meetings has surged in popularity. The healthcare industry is no different – the telehealth industry is predicted to be worth more than $130 billion by 2025. While telehealth offers many benefits to patients, particularly those who are unable to leave their homes, the technology raises several serious security concerns.
These problems primarily stem from the lack of security controls when it comes to the collection and sharing of data. During a conversation between a patient and doctor, for example, sensitive, personal patient data is often shared. When the connection between patient and doctor is virtual, it is possible that an unsecured connection could be interrupted, and patient data leaked. Home telehealth devices and sensors may also collect data that a patient would prefer to keep private, including times that the home is unoccupied. If devices are storing and transmitting this data, it is possible that it could be accessed by third parties.
These concerns have left a lingering question: how can patients still reap the benefits of telehealth while ensuring their connections and data remain secure? The answer may lie in another technology that healthcare providers have only started to adopt – blockchain.
Enabling Secure Data
Blockchain at its most basic level simply enables secure, immutable and anonymous transactions, allowing cross-network communications to take place through mutually agreed upon interactions between parties. For healthcare providers, this opens up an efficient means of transferring data and communicating between different organizations that handle patient data. Medical records can also be stored using blockchain, allowing providers to create a more complete patient history by keeping larger amounts of data and information securely encrypted in fragmented systems.
The ability to securely share data and control who has access to it will surely help to increase consumer confidence when it comes to telehealth. Blockchain requires that data is approved by both the patient and doctor before it is entered into a computer. The data must also be verified against a previous ledger, so no single party ever has total control. This ensures multiple checks are in place and reduces the chance that an unauthorized party could access sensitive patient data, which is one of the main concerns when it comes to using telehealth.
Regulating Sensitive Communications
While it offers many solutions, federal organizations have not officially decided how regulations would apply to blockchain, including the Health Insurance Portability and Accountability Act (HIPAA). HIPAA outlines rules for ensuring the privacy and security of patient data, as well as the secure transfer of data, but it does not apply to patients; ensuring blockchain users remain compliant will be the responsibility of healthcare providers.
HIPPA guidelines for telehealth require that healthcare organizations communicate electronically protected health information (ePHI) through regulated channels to ensure security. This means that tools like Skype or unencrypted email cannot be used to communicate ePHI, limiting what could be used for cost-effective telehealth.