Healthcare Information Security

HIPAA and Compliance News

Telemedicine rising in popularity along with security risks

By Ashley Blume

- The introduction of telemedicine stems from the fact that there are certain areas unable to receive the right healthcare because of geographical and financial limitations. At its most basic, telemedicine allows patients to videoconference with physicians for diagnosis and treatment without the burden of commuting. It is all about convenience for both physician and patient.

Even though telemedicine has much to offer healthcare providers, they must think carefully when making the decision whether to incorporate it into their practices because there are security risks. To remain HIPAA- compliant, healthcare providers need to ensure that their patients’ ePHI is secure and encrypted to prevent a data breach or cyber-attack. Similar to bring your own device (BYOD), there is the possibility that baked-in technical safeguards for telemedicine services are not sufficient. As a result, healthcare providers could risk not maintaining HIPAA-compliance if they incorporate telemedicine that does not protect ePHI and other sensitive healthcare information.

HIPAA requires patient data confidentiality to protect the physical health and safety of the patient, especially regarding mental health patients. It is essential that mental health patients feel comfortable with their psychiatrists for treatment purposes, which is why confidentiality is even more stressed. So how can telemedicine aid healthcare providers who specialize in mental health?

According to PR Newswire, the American Psychiatric Association believes TeleMed Psychiatry is the answer for healthcare providers that want to incorporate telemedicine into their practices because of its balance of privacy and security. It eliminates any problems that arise with driving, the patients don’t have to wait to see a psychiatrist and the patients are able to choose where and when they talk to a psychiatrist. It is important that mental health patients receive top quality care by healthcare providers and TeleMed claims that it offers a simple and convenient way to get it, which can be particularly enticing to mental health patients that cannot access it where they live. But how secure is this method for mental health patients and their treatments?

In a public statement, the company indicates that the offering provides not only video chats but also encrypted treatment notes, exportable patient data, immediate billing and direct deposit. These are all incorporated to help protect any sensitive information that may be revealed during the course of the video chat. But there are some things offered by TeleMed Psychiatry that should give healthcare physicians pause, such as the free customized website for promotional means, which, though free, may attract the wrong kind of attention and subsequently put both patient and physician at risk.

There is also a chance that the mental health patient’s computer may not be as protected as the healthcare provider’s, and may actually contain malicious software. This oftentimes latent threat can pose a problem for both healthcare provider and mental health patient because it could permit outside hackers to access the patient’s computer. The hacker could then exploit the machine as a gateway into the healthcare provider’s computer. Not only would the mental health patient have to worry about fraud but so would a vast number of others whose information may become exposed as a result of a successful hack — not to mention the emotional strain experienced by the patient. This could be extremely dangerous for the physical well-being of the mental patient. Healthcare providers who decide to go the route of telemedicine must therefore take these potential consequences into consideration.



SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks