alphaspirit - Fotolia


Telemedicine security has the attention of healthcare providers

Healthcare organizations willing to take on remote monitoring projects should allow their IT teams time to craft a telemedicine security plan.

Remote monitoring products, IoT and wearable devices have indisputably increased in popularity to the point where they are now piquing the interest of many healthcare IT executives. These tools offer healthcare organizations a simple and cost-effective way to monitor and collect patients' vital information without requiring a visit to a healthcare facility.

But not all IT employees are enthusiastic about the introduction of these technologies into healthcare. Many IT teams are concerned with telemedicine security and believe the adoption of related technologies could result in future data breaches.

Not having to visit a doctor's office for a checkup is one of the main reasons some patients favor using technology to facilitate remote visits and health monitoring. Healthcare CIOs should consider adopting these technologies because of the prolific amount of data they can provide their organization in real time.

In a recent policy statement, the American Academy of Pediatrics stated that it recommends its members "use telemedicine technologies to improve access to care, provide more patient- and family-centered care, increase efficiencies in practice, enhance the quality of care and address projected shortages in the clinical workforce."

Although the American Academy of Pediatrics was referring specifically to telemedicine -- or telehealth -- services that enable e-visits for pediatric patients, the use of remote monitoring technology and connected devices also could have been included in that statement.

According to an estimate published by Gartner Inc. in 2014, more than 4.9 billion connected things will be used in 2015, "up 30 percent from 2014, and will reach 25 billion [connected things] by 2020."

Such a massive collection of connected devices could cause many serious security concerns. Connected devices entering healthcare could present opportunities for hackers to tap into patients' protected health information. A security testing study performed by HP Fortify showed that 100% of common Internet-connected devices used in home security had significant vulnerabilities such as weak security passwords, lack of adequate encryption and authentication issues.

In the healthcare space, patient data that is exposed because of poor security practices or weak password policies is a violation of HIPAA guidelines, and can result in criminal, legal and financial penalties. Not all connected devices are approved for healthcare use. The U.S. Food and Drug Administration classifies and offers guidelines for some medical devices, while others are considered low risk and can be used for general wellness without significant regulatory obstacles.

As the number of connected devices and implementations of remote patient monitoring technologies increase, healthcare IT executives should support the establishment of telemedicine security practices to protect the devices used by their employees and patients. Device manufacturers are already developing standards and security guidelines for their devices used in healthcare to gain the support and trust of patients and providers.

About the author:
Reda Chouffani is vice president of development at Biz Technology Solutions Inc., which provides software design, development and deployment services for the healthcare industry. Let us know what you think about the story or telemedicine security; e-mail [email protected] or contact @SearchHealthIT on Twitter.

Dig Deeper on Electronic medical records security and data loss prevention