Whether to help propel their practices into the digital frontier or to help them address the public health crisis brought on by COVID-19, practices are leaning on telehealth solutions more than ever before. The trouble is that with the ubiquity of video conferencing platforms, practices might be skipping essential security steps without realizing it. In this post, we’ll cover a few security basics for video conferencing that help ensure doctor-patient confidentiality and keep patient health information secure.
There are hundreds of video conferencing apps available. Many offer compelling features for free, which might make them seem like great options. Practices should be wary of free options because they may not have the right tools to adequately safeguard confidentiality and keep patient information secure. Be sure to find the vendors that understand the health insurance portability and accountability act (HIPAA) and its requirements. Many vendors will also enter into a business associate agreement. In one of our recent posts, we break down a few great options for telehealth.
If cybercriminals can get into your video chat account, they might be able to get sensitive patient information. Keeping them out is a matter of keeping your accounts secure. Once you find a solution, choose a strong, unique password for your account (services like LastPass make this easy). Don’t write passwords down and don’t share your credentials. If available, use two-factor authentication to create another layer of security. Most platforms will prompt you to set up two-factor authentication as you set up your account. Don’t skip this step.
This should go without saying but invites to meetings should go directly to the patient you’ll be meeting with and nobody else. As you enter in a patient’s address to invite them, double check it to make sure it doesn’t go to the wrong person by mistake. You’d be surprised how often this happens, particularly with people who share a common first name. Also, you may wish to consider using a communication platform that lets you text users an invite. Texts might be less likely to be forwarded and often feel more personal.
Most video chat platforms will either allow you to create a password for your video chat, or it will create one for you. This is super simple to use and helps ensure that if for some reason meeting was shared with anybody but your patient (which should be an extremely rare occasion), it can’t be accessed without a password.
Video conferencing tools usually display who is on your call. If someone joins who isn’t your patient (rare, but possible), you must cancel the meeting and set up a new one with a new password. Afterword, you’ll want to work to understand how an extra participant got on. Was it a staff member? Another patient sent the same invite by mistake?
Many video conferencing apps allow you to record your conversations as you chat. Some practices archive this information for later reference. If you do record examinations, you’re creating very sensitive patient data that is subject to HIPAA, which means you’ll want to store it in a secure location. Most video conferencing apps will store this information inside your account, which may not be the most secure place for it. If you can, save it wherever you house sensitive data, then delete it from the app.
Video conferencing tools are an important part of an effective patient communication strategy, particularly as practices face the lofty challenges associated with COVID-19. As you begin to widen your usage of these tools, be sure to implement policies and follow practices that keep patient information safe and confidential.
If you’re looking for tools to help augment your strategy, video is just the beginning. Swell is offering their communications package completely free for 60 days with no commitment. Check out this page