Login Register Subscribe
Current Issue

Secure patient data carefully for telemedicine use

Reprints

Telemedicine is being used more frequently to diagnose and monitor patients, especially in rural areas, but risk managers for health care systems should take care to secure sensitive patient information, experts say.

“You as a risk manager and the risk management field have to be aware of what the technologies are and how you’re going to react to them,” said M. Lauree Barreca, senior counsel with Johns Hopkins Health System in Baltimore, during the American Society for Healthcare Risk Management’s annual conference in Indianapolis.

Ms. Barreca said telemedicine takes various forms, including video conferences between doctors and patients, mobile apps used by patients for checking their medical records, and the use of devices that monitor a patient’s vital signs such as blood pressure and blood sugar while they’re at home.

Telemedicine also includes instances in which doctors forward a patient’s medical information to off-site specialists for second opinions, such as when a physician asks radiologists or pathologists to review a patient’s exam records, Ms. Barreca said.

While such technology can help patients receive care and comply with health care regimens, it also increases the risk that sensitive health information could be breached by outside parties, Ms. Barreca said.

“One of the biggest risks in this could be (Health Insurance Portability and Accountability Act) issues,” she said.

Margaret Garrett, senior counsel and director of risk management at Johns Hopkins, recommended that health care systems create telemedicine committees with various stakeholders, such as doctors, nurses and attorneys, to weigh and mitigate risks that could come from telemedicine.

She said she is considering hiring a risk manager to oversee telemedicine issues for Johns Hopkins as such technology becomes more widespread.

In addition to providing data security, Ms. Garrett said health care systems should consider issues such as if a doctor fails to diagnose a patient’s condition through telemedicine, or how to provide continuing care to a patient if telemedicine technology fails.

“What happens when the technology goes down? Where’s your backup?” Ms. Garrett said.