Elnur/Shutterstock

HIPAA Compliant Telehealth Platforms

What platforms protect your privacy?


The coronavirus pandemic has created a demand for “telehealth” digital healthcare services to protect both medical staff and patients and prevent the spread of COVID-19. One of the biggest components of telehealth is “telemedicine,” which entails using technologies and telecommunication systems to administer healthcare to patients, such as virtual doctor’s appointments or using apps to track symptoms and send data back to your doctor.


According to a report by Arizton, the U.S. telehealth market is expected to see 80% year-over-year growth due to the pandemic. However, as more and more healthcare information is shared virtually using rapidly evolving technology, many patients are concerned about how their private information is being protected.

Medication information is protected under HIPAA, which stands for the Health Insurance Portability and Accountability Act of 1996. It is a federal law that set national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

According to the U.S. Department of Health & Human Services (HHS) and the Office for Civil Rights (OCR), because we’re in a national emergency, healthcare providers may communicate with patients and provide telehealth services through remote communications technologies that do not officially meet current HIPAA requirements. However, the HHS and OCR do say those technologies should be non-public-facing remote communication products.

While these organizations don’t endorse any particular platforms, they do specify that two-way audio-visual apps such as FaceTime, Skype, Google Hangouts or Zoom are allowed. These platforms typically employ end-to-end encryption to protect transmissions and individual log-ins to verify identities. However, Facebook Live, Twitch, TikTok or other public-facing communication services are not considered HIPAA-compliant.

HIPAA regulations require healthcare providers to take security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network. However, a healthcare provider that was acting in good faith and had certain protections in place would not face HIPAA penalties if it experienced a hack that exposed protected health information from a telehealth session.


Before making a virtual appointment with your doctor, make sure they’re using an acceptable platform to communicate with you and conduct your visit. Knowing what platforms or apps you need to install for your appointment is just one of the ways you can prepare for your first virtual doctor’s visit.