The COVID-19 pandemic has prompted social distancing as a safety measure across the country. How this new normal affects general health care can be seen in the rise of telehealth services, as people are encouraged to use them to limit in-person interactions with medical staff and help prevent the spread of COVID-19. But like any online activity, there are security risks involved for patients’ personal data and companies’ private information. How can patients and doctors ensure each parties’ information is protected? “Telehealth was trending upward before the pandemic, and there were already privacy and security concerns,” says Stephen Hyduchak, CEO of Aver, an identity-verification service. “But those are heightened now as people want the immediacy of care and are ready to accept the exchange of privacy to receive that.” Hyduchak suggests using these security practices when using telehealth services:
Double-check before downloading the app. “Your healthcare provider may have a preferred app that you can download from its website,” Hyduchak says. “That’s the safest route. Your company may offer this service, and if so, check with human resources to make sure the information is correct before downloading. Otherwise, use a reputable online store to download the app.”
Beware of phishing, social engineering of telemedicine. “The basic rule for most cybersecurity measures very much applies: Always verify a link or attachment before opening it,” Hyduchak says. “There are coronavirus-based phishing campaigns by hackers. Their aim is to get you to click onto a malicious telehealth link.”
Learn how the service uses your data. “Look for telemedicine providers that explain their use of data that you share, usually doing this in writing with a code of conduct,” Hyduchak says. “You have to make sure the telehealth service is reputable and that it’s following all HIPPA rules. Also, only disclose relevant information that is absolutely essential.”