StateTech: Ensuring telehealth solutions are HIPAA-compliant remains critical, even amid relaxed rules

StateTech: Ensuring telehealth solutions are HIPAA-compliant remains critical, even amid relaxed rules

Excerpt from: How States Can Secure Public Health Telehealth Deployments

At a time when public health departments have been stretched thin by the coronavirus pandemic, telehealth solutions have helped ease the strain by connecting doctors remotely to patients. That has been especially useful during a time when everyone has been advised to maintain social distancing to help reduce the spread of the virus.

Part of the issue involves making sure the professionals who are operating the telehealth tools “have good visibility into who is compliant and who is not,” says Wolf Goerlich, advisory CISO at Cisco’s Duo Security. “A good deal of time and attention is spent on that.”

The actual appointment itself presents challenges, Wolf notes, because doctors and patients may all have different devices, different network settings and conditions, and varying bandwidth constraints.

Throughout this process, there are a number of security systems at work, says Goerlich. There is a need to confirm the clinician is who they say they are. The clinician and patient devices need to be certified as healthy and free of malware or are not going back to a command-and-control site.

“From a technical perspective, it comes down to really good authentication, access controls, adaptive access policies, device health and the integrations that happen along the way,” Goerlich says.

Read the full article here: https://statetechmagazine.com/article/2020/05/how-states-can-secure-public-health-telehealth-deployments-perfcon

Posted by