81% of Telehealth Providers Are Concerned About Data Leakage

December 06, 2021 - Telehealth proved to be a crucial and tool in healthcare at the height of the pandemic, but patients and providers still harbor concerns about data security and privacy. Over 90 percent of global healthcare providers have implemented telehealth capabilities into their practice, a new survey conducted by Arlington Research and commissioned by Kaspersky found. Most of those providers only started using telehealth at the onset of the pandemic

However, 52 percent of surveyed telehealth providers also reported experiencing cases where patients have refused to engage in telehealth services because they did not trust the technology to protect their data security and privacy.

It is important to note that any technology that is implemented quickly comes with legitimate security risks. But for the most part, these risks do not outweigh the benefits of telehealth.

Over 70 percent of surveyed telehealth providers said that they use legacy operating systems, largely because of the costs associated with updating them. Legacy systems may pose risks to security because they often cannot be patched or updated, exposing them to security vulnerabilities.

About a third of respondents said that some of their clinicians have had their patients’ data compromised when conducting remote telehealth sessions. In addition, a third of respondents agreed that their organizations have faced cybersecurity issues due to third-party vendor vulnerabilities.

An overwhelming majority of respondents raised concerns about how patient data is used and shared during telehealth sessions, and many reported concerns about personal penalties that might arise in the case of a telehealth data leakage.

To ease these concerns, California recently extended the telehealth HIPAA penalty exemption through the end of the COVID-19 public health emergency. This allows providers to conduct telehealth appointments without running the risk of facing HIPAA penalties.

“Many global healthcare providers have fears about the cybersecurity readiness of their organization and in most cases, they cannot guarantee data privacy and safety,” the report stated.

“Only three in ten respondents are very confident that their company can effectively stop all attacks/ breaches of its perimeter.”

Additionally, only a third of respondents reported being confident that their organizations had adequate hardware and software IT security protection, multiple backups, and necessary measures in place to safely use telehealth.

Four in ten surveyed telehealth providers agreed that the majority of clinicians do not have clear insights into how patient data is protected.

Despite knowledge gaps and security concerns, 71 percent of respondents agreed that telehealth services would add the most value to the healthcare sector in the next five years compared to any other technology.

There is strong optimism in healthcare surrounding emerging technologies, but security risks continue to give providers pause when it comes to implementing these new technologies into their practices.

Researchers recommended that healthcare organizations focus on endpoint security, regularly update software, and invest in cybersecurity education to mitigate risk.

“A quick switch to any type of technology on such a grand scale is always going to cause concerns but some unresolved issues related to use of telehealth services are holding back its rapid growth,” the report reasoned.

“The challenge for the industry is to scale up the security level of these networks to provide protection and peace of mind to everyone involved as the continued worldwide dependency on the service increases.”