Healthcare has always been a popular target for cybercriminals, with healthcare data breaches costing the industry over $4 billion in 2019. As healthcare organizations quickly pivoted to telehealth to contend with patients’ needs during the COVID-19 pandemic, hackers upped their ferocity. In 2020, healthcare cyberattacks increased by 55%, impacting the PHI of 26 million people in America. Meanwhile, telehealth, which is becoming more and more common, often lacks the data safeguards needed to protect against hackers and other bad actors. It’s time for us to have a serious conversation about telehealth and cybersecurity. Let’s unpack.
Telehealth Doesn’t Always Account for Control of Data
When it comes to connecting with patients and other care team members and sharing PHI, you need to make sure you’re in control of data at all times. That means always knowing where that data is and ensuring it doesn’t end up in a scenario where it can be leaked. But that’s easier said than done. For example, take a scenario where care team members use a common encrypted messaging app to share information about a patient. Yes, the information shared is encrypted, but anyone on the team is able to screenshot it or forward it. If their device is hacked, a bad actor might be able to gain access to it. In other words, you have no idea where the PHI is going and who might be able to breach it.
Encryption Matters – But You Also Need to Think Beyond It
So, what should healthcare organizations concerned about telehealth and cybersecurity do? The first step is to focus on encryption. Encryption must be built into every stage of the cycle – from when it’s in-transit, to when it’s accessed, to when it’s stored. But that is not enough. Healthcare organizations need to make sure that any technology they use for telehealth keeps them in control of their data. Let’s revisit the scenario described above: imagine if the same healthcare team used platform that prevented PHI from remaining on devices or being screenshotted or shared further. At the same time the PHI could still be archived for compliance purposes. In that scenario, it would be simple for the team to communicate without having to worry about PHI breaches.
The Right Technology Matters
With threats against healthcare more and more common, finding the right technology to protect data when it comes to telehealth and cybersecurity matters. Vaporstrem makes it easy to communicate with care teams, making communication – even when team members are remote – a breeze, without having to worry about PHI being compromised. Find out more about how we can assist you here: